IETF SMTP Working Group Proposal at smtpng.org

• Previous message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Next message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 21 Aug 2002, Gary E. Miller wrote:

:> Spam would not exist if both MUA's and MTA's had adequate policy
:> enforcement features on them, so that users could set granular
:> controls on what was allowed into their mailboxes.
:
:Nice try, but not close enough.
:
:Spam is a LEGAL problem.

Actually, I'm bang on. :) 

It's not a legal problem, yet. The reason for this is that there 
is no legal definition of spam that is applicable outside a small
number of jurisdictions. In fact, there is no single 
comprehensive definition of spam other than that its most 
consistent attribute, which is users inability to filter it 
without losing legitimate mail. 

Look at CAUCE, Brightmail, SpamAssassin. None of them provide 
a comprehensive definition of all spam, rather, they define it by
some of its effects, or deal with it as a matter of heuristic 
scoring. 

By looking at its one unique attribute, we see that it is a direct
leveraging/exploitation of the openness of the SMTP protocol and 
the culture of the Internet SMTP was designed to serve.  

That "openness" used to be the social contract of email, now it 
is simply a lack of enforcable policy and tools. 


:There are many cases where spammers negotiated a service contract with
:out anti-spamming clauses.  Then when the ISP figures out they have
:a bulk spammer for a custmoer they can not shut down the spammer because
:the spammer gets a court order to enforce the service agreement.

Yes, but that does not give the end recipient any direct recourse, 
and also defines spam as a contract violation between an ISP and its
client, and has no regard for the messages themselves. 

:Put those two together and no technical solution will fix the problem.

Actually it will. The model that TMDA uses (whitelists and confirmed
corespondant registration with the recipient) is partial  example of a 
solution that will make all spam an explicit case of unauthorized 
access, which can then be a legal issue. 

One of the most basic principles of computer security is:  
No Policy = No Crime.  Until users have adequate tools and 
protocol support to control of what comes into their mailboxes, 
there will be spam. 

Cheers, 

--
batz

• Previous message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Next message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]