[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Re: Why SPF?

To: rogerk at queernet.org
Subject: Re: [Asrg] Re: Why SPF?
From: Barry Shein <bzs at world.std.com>
Date: Fri, 30 Jul 2004 19:21:06 -0400
Cc: asrg at ietf.org, Barry Shein <bzs at world.std.com>
In-reply-to: <1091226790.410acca65d91f@mailbox.onlinepolicy.net>
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <20040730171450.3F89E16E17@mail.nitros9.org> <1091211922.410a92927f5f9@mailbox.onlinepolicy.net> <1091213262.410a97cec69c6@mailbox.onlinepolicy.net> <200407301927.i6UJRiv27303@panix5.panix.com> <1091221480.410ab7e84f978@mailbox.onlinepolicy.net> <16650.51574.551957.629781@world.std.com> <1091226790.410acca65d91f@mailbox.onlinepolicy.net>
Sender: asrg-bounces at ietf.org

On July 30, 2004 at 15:33 rogerk at queernet.org (rogerk at queernet.org) wrote:
 > But odds are they will do it without your knowing it or consenting to it, throw
 > away mail you wish to receive without your awareness or consent, all in the
 > name of spam reduction.
 > 
 > First do no harm.

That's a nice sentiment but what you're discounting are perfectly good
reasons that isn't possible or practical in the current world:

1. As I've noted before, we've been hit by 1500+ servers simultaneous
spewing the same spam. It's not unusual to have dozens or even
hundreds of spam servers spewing at us simultaneously.

During an attack like that, which amounts to a DDoS, little mail gets
through anyhow, so you block those machines. Of course, some might be
compromised mail servers also trying to deliver your legitimate
mail. What to do?

2. Letting spam into peoples' mailboxes is doing harm. All mailboxes
have some limit on how much mail they can hold, even if it's
gigabytes. But for most people it's much less than that, dozens or
hundreds of MB.

And when that mailbox fills, mail starts bouncing anyhow.

Now, which is worse, a false positive, or mail that bounced because
the dirtbags filled your mailbox while you weren't looking?

3. I suppose we could demand that, no matter what, sufficient
resources must be provided so no mail is ever lost, bounced or
unreasonably delayed.

But the public has spoken, they want it cheap, very cheap, $10/month
cheap or less, free cheap is good.

So, you know what they say about champagne tastes and beer money.

This is why there needs to be an effective response to spam, it's
simultaneously raising the cost and lowering the quality of email
dramatically.

Running around trying to stick someone else with the bill for that
criminality isn't really a practical response.

-- 
        -Barry Shein

Software Tool & Die    | bzs at TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD
The World              | Public Access Internet     | Since 1989     *oo*

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

References:
- Re: [Asrg] Re: Why SPF?
  - From: Alan DeKok
- Re: [Asrg] Re: Why SPF?
  - From: rogerk
- Re: [Asrg] Re: Why SPF?
  - From: rogerk
- Re: [Asrg] Re: Why SPF?
  - From: Seth Breidbart
- Re: [Asrg] Re: Why SPF?
  - From: rogerk
- Re: [Asrg] Re: Why SPF?
  - From: Barry Shein
- Re: [Asrg] Re: Why SPF?
  - From: rogerk

Prev by Date: Re: [Asrg] How would SPF or Sender ID stopped this attack
Next by Date: RE: [Asrg] How would SPF or Sender ID stopped this attack
Previous by thread: Re: [Asrg] Re: Why SPF?
Next by thread: Re: [Asrg] Re: Why SPF?
Index(es):
- Date
- Thread