Spam Control Considered Harmful
Jay R. Ashworth
jra at scfn.thpl.lib.fl.us
Tue Oct 28 19:34:02 UTC 1997
On Tue, Oct 28, 1997 at 02:05:36PM -0500, Phil Lawlor wrote:
> At 10:14 AM 10/28/97 -0800, Scott Hazen Mueller wrote:
> >That said, I feel that the only technological solution to the spam problem is
> >a large-scale re-structuring of Internet mail to provide for secure
> >authentication and cost sharing for received e-mail. The scale and cost of
> >such a deployment makes something like that a political and social problem,
> >however.
>
> What if the equivalent of "caller ID" was built into sendmail? Making sure
> that the sender is a valid email address.
Similar to source address validation on dialup connections, another
topic that has been bandied about here in the past.
Properly configured sendmail's do this, mostly. My local one,
certainly, correctly identifies the actual sender even when the HELO is
forged.
> AGIS is looking for viable solutions to the overall problem. We have moved
> any customers that we receive UBE complaints into AS 3830 (which is
> getting emptier), making them even more visible. This assists in blocking
> SPAM domains at the router level. For those using the Vixie like
> approaches, this works. Notwithstanding, this thread focuses on the threat
> of such efforts.
>
> Phil Lawlor
> President
> AGIS
In light of the recent disconnection of CyberPromo and litigation, I
guess we'll tentatively believe this. Of course, you realize that
you're not going to get treatment as generous as mine from many of the
members of this list, who consider you as a major contributor to the
problem. One section from my personal anti-spam reply form letter
might be indicative, and it's last paragraph in particular:
==============================================================================
Notice to Postmasters
Your systems were used to send this message. If this is contrary to
your AUP's, please act accordingly. If it is not, you may wish to take
advice on whether not adding such a provision leaves you open to legal
exposure.
Please note that you may have gotten this message even if it's obvious
to me that your machine was used solely as a transit system for the
email in question; I mean to cause you to decide that a bit more care
in the choice of whose mail to forward would be A Good Thing.
And, you may even have received a copy of this if you simply provide
wholesale connectivity to a sender of unsolicited commercial email --
this shouldn't remain An Acceptable Dodge, either.
Finally, please note that if your company policy is such that you
appear to publically not care whether your customers behave in
unethical or illegal manners -- yes, AGIS, I mean _you_ -- then any
legal theories which make you civilly or criminally liable in tort or
statute _will_ be pursued.
Govern yourself accordingly.
==============================================================================
This is a _HOT_ topic.
Cheers,
-- jra
--
Jay R. Ashworth jra at baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Pedantry. It's not just a job, it's an
Tampa Bay, Florida adventure." -- someone on AFU +1 813 790 7592
More information about the NANOG
mailing list