Kee Hinckley wrote:
agreed. Every single solution I've seen here on this mailing list has a major problem getting away from T0. Solution I'm proposing as implemented by camram is a filter chain that allows messages to escape the filter by either stamp or white list. The last stage is a classic Bayesian filter for message sourcing into Spam/good mail/indeterminate.At 11:28 AM -0500 3/8/03, Eric S. Johansson wrote:1) the incentive is to make sure their messages delivered. In the physical world, if I call them up on the telephone and order a catalog, they have an incentive to add postage to make sure I get but I asked for otherwise they risk me taking my business elsewhere. so, why should not be the same electronically.
That incentive does not exist until a significant percentage of systems block non-stamped email. Until then the only person suffering is the one who installed a non-stamp-blocking system, not the vendor.
yes but the other authorization mechanisms are frequent more clumsy and or fail because of centralized infrastructure requirements. Proof of work stamps such as hashcash work extremely well in this setting.2) increasingly, antispam filters are taking out legitimate communications from businesses. The use of a stamp would allow them to bypass the filters without requiring the recipient to do anything special (i.e. white list, filter exception).
This logic works better. But of course any standard authorization mechanism can provide this benefit, not just stamps.
Granted, one could hammer the subscription side of the house but it's a fairly low risk target. In any case, it clearly need more thinking to solve the problem.I accepted this is a weak spot but I believe it can be solved. Using techniques such as address probes (i.e. does this domain/user exist) and rate analysis (normal vs. abnormal levels of traffic) can help minimize the impact.
Yow. That's a pretty heavy bit of infrastructure for doing nothing but set up a mailing list.
Something to remember when thinking about fraud, spam, and attacks on the internet--especially when comparing to that in real life. There are lots of things that people would never do in real life that they will do online. Furthermore, do to the point to point nature of the internet, every single lowlife in the world has a direct connection to you. So, multiple decreased inhibitions by increased access and you've got to be a lot more careful.very good point. I've been thinking about this for quite a while and have closed most of the holes.
The other thing that really concerns me about spam fighting is the cost of unintended consequences. Stamps are one type of solution that is very prone to this, as are many of the legal solutions people have proposed.I agree it's a concern. And I will argue two points. First, stamps will drive off most spammers. Second, even if it does create one million legitimate e-mail advertisers, that is an improvement. Like it or not e-mail advertising is not going to go away. The best we can hope for is raising the costs so it's minimized and use this opportunity to create the right cultural rules which are often stronger than legal rules.
These solutions don't try to stop spam. They try and set rules for spamming. "You may spam if you pay postage." "You may spam if you provide an unsubscribe address." These solutions legitimize spam. They open up the door for lawsuits against ISPs who block email that meets the rules. They send a message to every company in the world that it's okay to send email to people who didn't give consent, so long as they follow the rules. A postage-paid system that doesn't put a company like ZDNet out of business (what, a million messages a day or something like that?) is *not* going to be a barrier to entry for most companies. Instead of having a thousand or so spammers running around hitting you every day, you're going to have tens of thousands of companies sending you email every month saying, "If you don't want to be on this list, please follow these arcane unsubscribe directions." This will *not* be an improvement.