[Asrg] [IP] do-not-email list canned

[gep2 at terabites.com]

This is SO wrong-headed.

I agree that the FCC shouldn't provide a list of "do not spam" addresses.... 
since that list of addresses would IMMEDIATELY and HEAVILY be spammed.

But they could certainly screen a mailer's list against the do-not-call list and 
strip DNC addresses.

The REAL failure of their whole "authentication" approach (and this is shared by 
Microsoft's halfwit idea too, and indeed all the "authentication/authorization" 
approaches), is that infected spambot zombie machines can and will send out spam 
using their (legitimate) own authorization.  So, yeah, they can track down the 
infected machines, but for each one they track down, there'll be ten more.

It IS true that authentication approaches can help to minimize spoofed return 
addresses... although ultimately IT IS A KINDNESS on the part of spammers to 
generate bogus return addresses... since otherwise their zombie spambot victims 
will receive MOUNTAINS of bounces and angry complaint E-mails.  Is it REALLY an 
improvement to force spam to use the real E-mail address of the owner of the 
infected computer?

Until they really solve the virus/worm problem (and none of these approaches 
solve that, either, except the one I've been proposing) you don't solve the 
zombie spambot problem, and if you don't solve the zombie spambot problem, then 
you CANNOT solve the DDOS problem or the spam problem by these ill-conceived and 
almost wholly nonsensical "authentication" approaches.

No amount of armoring of corporate/enterprise datacenters will solve the DDOS 
problem as long as machines belonging to "dumb users" are vulnerable to trojans, 
worms, and viruses.  We have to solve this problem at the level of E-mail 
clients used by the unwashed masses, if we're ever going to get a real handle on 
the problem.

<---- Begin Forwarded Message ---->
To: Ip <ip at v2.listbox.com>
From: David Farber <dave at farber.net>
Subject: [IP] do-not-email list canned
Date: Tue, 15 Jun 2004 17:38:31 -0400
Reply-To: dave at farber.net



Begin forwarded message:

From: Carl Malamud <carl at media.org>
Date: June 15, 2004 5:20:38 PM EDT
To: dave at farber.net
Subject: do-not-email list canned

http://www.ftc.gov/opa/2004/06/canspam2.htm

"Instead of implementing a registry that would, at best have no impact 
on spam and, at worst,
cause it to increase, the FTC's plan recognizes the need for an 
authentication standard.
The FTC's Report explains that 'without effective authentication of 
email, any registry is
doomed to fail. With authentication, better CAN-SPAM Act enforcement 
and better filtering by
ISPs may even make a registry unnecessary.'

The Commission vote to issue the report was 5-0."


-------------------------------------
Archives at: http://www.interesting-people.org/archives/interesting-people/


<----  End Forwarded Message  ---->

Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections!  http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.



_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg