[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Asrg] re: taxonomy of solutions, including some new items

To: asrg@ietf.org
Subject: [Asrg] re: taxonomy of solutions, including some new items
From: Liudvikas Bukys <bukys@cs.rochester.edu>
Date: Mon, 10 Mar 2003 13:57:21 -0500
Cc: Paul Judge <paul.judge@ciphertrust.com>, bukys@cs.rochester.edu
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org

Just a few comments on what I called the unimplemented ideas in
my preceding note on taxonomy of solutions:

** consent verification

	When I saw the ASRG charter, I leaped to the conclusion that a
	consent model would be useful for two reasons:	(1) to contribute
	to a rigorous careful discussion, and (2) to produce human- and
	machine-readable representations of consent that would be useful
	for such things as:
	- reducing the "I didn't know any better" gray-area excuse of
	  spammers regarding opt-in, opt-out, and database reselling
	- making life better for users by causing practices to converge on
	  consent that is explicit, self-documenting and user-accessible,
	  establishing standardized representations (similar to DSNs),
	  and offering choices that are "good enough" but much lighter-
	  weight than, say, PKI.

	Is this what the chair was thinking?

	[Let me also leap ahead and say that, yes, legitimate large
	emailers would benefit from explicit consent standards, but,
	no, I am not a "friend of spammers".]


- content-indexed blacklists
    ** URLS and phone numbers

	Actually I believe that Paul Graham touched on this, regarding
	what you do to analyze content when the message body itself is
	driven by content filters to become innocuous.	Presumably all
	spam other than DoS spam has some ground to the real world in
	order to make transactions.


- protocol hints or restrictions
    ** associate permissible (env-sender,src-addr) (RMX, Designated Sender, Vixie MAIL_FROM)

	We've had lots of discussion on this already.  Forgive me if I'm
	wrong in lumping all three proposals into an equivalance class.
	Although wide adoption would be a significant change of lifestyle
	for many, it is (as Vixie's document notes) a voluntary effort by
	domain owners and MTA operators.  The benefit of some "joe job"
	reduction, plus its voluntary adoption, seems like a "do no harm"
	to me.
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Prev by Date: Re: [Asrg] DCC and IP checksums
Next by Date: RE: [Asrg] Nucleus of a draft BCP on filtering
Previous by thread: [Asrg] inventory of problems
Next by thread: [Asrg] Measurements on spam
Index(es):
- Date
- Thread