Re: Spam solution?

[Dave Aronson <ietf2dave at davearonson.com>]

admin at moricz-bp.sulinet.hu wrote:

> I think to need an new e-mail rules, to stop this madness.
> I call it application card.

Nice try, and I can say for sure that the basis of your idea is good 
enough to make products that people were willing to pay for... a few 
years ago.  Unfortunately it makes one or two classic mistakes, which 
have been figured out in the meantime.

If I understand rightly, it depends on spammers to go along with it, 
sending an application instead of a plain email.  If they were that 
civil, the entire spam problem would have dried right up shortly after 
people started objecting to it.  If you mean that the user would set it 
up in such a way that this would be automagically enforced for all new 
contacts, that relieves the dependence on the civility of the obviously 
uncivil.

Even then, though, the mechanism itself has been thought of before. 
It's generally called challenge-response.  It may be acceptable for 
people who receive a tiny volume of unsolicited but desired email, or 
solicited email from new contacts.  However, for the rest of us, it 
doesn't work very well.  It imposes a burden, small but tiresome, on our 
new correspondents, that many are not willing to bear.  In fact, much of 
the email we want to get, is sent by automated mechanisms that simply 
*cannot* respond to it.

(Some might think that the answer is to establish standards for the 
format of the challenges and responses, so that these automated systems 
can respond.  I think it's a pretty safe bet that the spammers would 
then start using such systems.  Back to Square One, just with a lot more 
money down yet another rathole, and more pain for the innocent.  A while 
back I gave some thought to designing standards for signing up for 
automated emails, in such a way that the source would be automagically 
added to your "whitelist".  That never really got anywhere either, but I 
suspect that it also would have been abusable by spammers.)

Lastly, unless the request cards folder, with its many subfolders, is 
going to be managed automagically by the email program, this sounds 
rather unwieldy.

The spam problem is deceptively simple-looking from the point of view of 
the typical user, or even administrator.  I suggest you check out the 
Internet *Research* Task Force's working group on spam, called the 
Anti-Spam Research Group or ASRG.  Their home page is at 
http://asrg.sp.am/.  A lot of it consists (or at least when I hung out 
there, consisted) of going round and round in circles, actually 
accomplishing very little, but you can learn a lot from the discussions, 
about how complex the problem really is, what has been tried, and why 
certain approaches are absolutely doomed.

-Dave (no, not that one, no, not that other one, the other other one)

--
Dave Aronson
"Specialization is for insects." -Heinlein
Work: http://www.davearonson.com/
Play: http://www.davearonson.net/

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf