North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: IETF SMTP Working Group Proposal at smtpng.org
- From: batz
- Date: Wed Aug 21 15:23:02 2002
On Wed, 21 Aug 2002, Gary E. Miller wrote:
:> Spam would not exist if both MUA's and MTA's had adequate policy
:> enforcement features on them, so that users could set granular
:> controls on what was allowed into their mailboxes.
:Nice try, but not close enough.
:Spam is a LEGAL problem.
Actually, I'm bang on. :)
It's not a legal problem, yet. The reason for this is that there
is no legal definition of spam that is applicable outside a small
number of jurisdictions. In fact, there is no single
comprehensive definition of spam other than that its most
consistent attribute, which is users inability to filter it
without losing legitimate mail.
Look at CAUCE, Brightmail, SpamAssassin. None of them provide
a comprehensive definition of all spam, rather, they define it by
some of its effects, or deal with it as a matter of heuristic
By looking at its one unique attribute, we see that it is a direct
leveraging/exploitation of the openness of the SMTP protocol and
the culture of the Internet SMTP was designed to serve.
That "openness" used to be the social contract of email, now it
is simply a lack of enforcable policy and tools.
:There are many cases where spammers negotiated a service contract with
:out anti-spamming clauses. Then when the ISP figures out they have
:a bulk spammer for a custmoer they can not shut down the spammer because
:the spammer gets a court order to enforce the service agreement.
Yes, but that does not give the end recipient any direct recourse,
and also defines spam as a contract violation between an ISP and its
client, and has no regard for the messages themselves.
:Put those two together and no technical solution will fix the problem.
Actually it will. The model that TMDA uses (whitelists and confirmed
corespondant registration with the recipient) is partial example of a
solution that will make all spam an explicit case of unauthorized
access, which can then be a legal issue.
One of the most basic principles of computer security is:
No Policy = No Crime. Until users have adequate tools and
protocol support to control of what comes into their mailboxes,
there will be spam.