Questions about Internet Packet Losses
bzs at world.std.com
Thu Jan 16 17:59:26 UTC 1997
From: Matthew Gering <MGering at Raima.com>
>The problem with making it a civil offense around trademark and
>misrepresentation issues is that enforceability will vary greatly
>depending on the jurisdiction, especially trademark, and therefore does
>not scale well the the global Internet.
Let's not make the best the enemy of the good. Plenty of countries'
legal systems are willing to protect and enforce trademarks. That
there exists one or more countries where it can't be enforced is not a
scaling problem, which I interpret as a solution which works for the
small case but collapses in the large usually due to poor algorithms
or non-automation, just areas which will remain future projects
somewhat dependent upon whether or not their internet populace
cares. But for example the CD music industry certainly has problems
with rogue countries but that hardly nullifies the use of trademark
and other intellectual property protection elsewhere.
Usually the most damning idea is that these spammers will go off-shore
to countries which won't enforce, eg, trademark violations.
I don't think this would be a major problem in this case because:
a) I don't actually think spammers make enough money to be terribly
attractive to such countries or to operate off-shore (do these guys
even incorporate?), their motivation (read: $$$) to be pirates and
take the flak that will incur for the country probably isn't there
b) those countries can get their email blocked or treated more
suspiciously, it certainly reduces the size of the problem (hmm, 200
msgs from Lower Slobbovia today, maybe we better hand-check what
that's all about.) Individuals could certainly filter/sort all email
from suspect countries easily.
c) having formed an organization with funds for legal enforcement such
issues can be further explored when the problem arises.
d) ultimately the question is: to what extent will these spammers
really go, and go to war, to do what they do? Sending spam from the
pee-cee in the den is one thing, setting up foreign corporations etc
really raises the bar (or, in Caribbean countries, lowers the bar.)
If something eliminated 85% or more of the worst spam, but not 100%,
would that negate the value of the solution?
>Secondly I disagree with is making this enforcing body a private,
>membership-based organization -- it may be subject to abuse.
Anything can be subject to abuse but point taken, but this will be a
pretty hollow idea if there aren't funds to pursue violators.
>What I think would work best, along the same lines and motivation, would
>be council of sorts, perhaps with the EFF and IETF as the principle
>members, that would draft a policy. That policy would be adopted by the
>public exchange points as part of the legal contract for NSP's to
>connect there, which would apply to the NSP, and everyone downstream of
>them. It would therefore be incorporated into any connection contract
>down the line.
I 100% agree that this would best be done within the auspices of
another group. Forming an entire group (eg, offices, staff etc to deal
with membership and money handling for example) would probably be
>By incorporating it into the connection contract, it falls under
>contract law and is much more universal, and the abuser may be charged
>with breach of contract, which is tied to their connectivity.
I don't see how hoping it'll be incorporated into connection contracts
by ISPs is more promising vis a vis int'l propagation. At least this
approach has the advantage that it goads others into complying without
forcing them, you want to send email to compliant sites, you
A few large ISPs complying with the header approach would be a
powerful inducement, how many sites would like to tell their users
they can no longer send email to (insert major ISP names here)? One
goads the other (you want to send us email -- as of 1/1/98 you'll have
to be compliant) rather than waiting for lawyers to draw up contracts
>As for the particular fix for SMTP spamming, I would then suggest a
>[0 -- reserved] (emergency priority)
>[1-3 -- private email]
>[4 -- solicited distribution] (mailing lists, etc)
>[5 -- unsolicited distribution] (spam)
>SMTP server may do whatever it wishes with the header (ignore it,
>implement a priority based queue, filtering ,etc), and the header is not
>even required (but likely will be universally adopted to insure delivery
>after a grace period), the only contractual obligation is that it cannot
Every site could treat the headers differently on receipt, that's
neither here nor there to this proposal, that's between the site and
its users/customers. The only thing they *have* to do is to include
honest headers when they send to other sites, if they don't want their
email thrown on the floor.
Obviously I suspect it'll devolve into a few possibilities a) ignore
the headers entirely upon receipt b) sort by header c) drop mail with
certain classes of headers or missing headers.
>I don't quite get the whole dual port deal.
I was mostly listing out what I heard, the proposal needs some tuning,
but there's something attractive about immediately implementing a
"hygienic" mail port. More later...
Software Tool & Die | bzs at world.std.com | http://www.std.com
Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
The World | Public Access Internet | Since 1989
More information about the NANOG