Fwd: Re: Digital Island sponsors DoS attempt?

Sun Oct 28 21:15:42 UTC 2001

On Sun, Oct 28, 2001 at 12:28:47PM -0800, Paul Vixie wrote:
> > Philosophically I think the EFF is right.  Blocking a single
> > legitimate e-mail is very bad, and should be avoided at all costs.
> 
> Bad for whom?  Only for the sender?  Does this sender have rights
> which should supercede the property rights of recipients and of
> infrastructure owners?  If so then who gets to decide whether mail
> is legitimate or not?  The sender again?  If so then why should
> anyone ever be allowed to filter out "spam", either as a recipient,
> or as an infrastructure owner?

I was using legitimate in the sense of 'e-mail that the receiver
wanted to receive'.  That could extend to other services as well.
Consider when MAPS blocks a web site because someone is wack-a-mole
spamming directing people to the web site.  It may be the case that
there are users out there that never received spam, but wanted to
view the web site and are prevented.  On a philosophical level I
have a real problem with that.  It's easy to take this to an extreme
as well, if your network ever generates a single spam it should be
disconnected from the Internet.

Legitimate also takes on other forms.  If I choose online billing
for phone service, and then don't pay I may not _want_ a message
from the phone company saying 'pay up or else', nor do I think most
people would defend blocking such a message as blocking "spam".

To more precisely define it, UCE is what I care about, those three
words, Unsolicited Commercial E-mail fairly precisely define the
bad type of e-mail.  If the methods employed to block UCE block
solicited commercial e-mail, or any form of non-commercial e-mail
then we need to find better methods.  (Note, this leaves a small
potential problem, in that people promoting religious beliefs and
the like might attempt to bulk e-mail under the guise of it being
non-commercial.  For now I will assume any interesting entity must
have real $$'s invested, and therefor fits a broad definition of
commercial.  If it believed this would be a real problem I'll think
about it and form an opinion.)

> I also want the law to be pure and true, but there is no civil liberty
> involving the transmission of e-mail or any other traffic whose cost
> of delivery is paid in any way by anyone other than that sender.

Witness ORBS, who had a judgment against them for doing bad things.
In a way, all those who used and supported ORBS were guilty as
well.  I also don't want to see anti-spam provisions in laws that
make us give up rights, like governmental ability to wiretap all
communications without a warrant to scan for spam. That would be
bad, as they would be scanning many non-spam communications. The
spill over from fighting spam can have some dangerous consequences.

I also think it's very important to get past the 'who pays' argument.
It's a good argument from a technology point of view, or from the
individual's point of view, but it doesn't work in the abstract.
Worst case is someone will develop and popularize (or legislate)
a settlement system where the sender can pay for the entire
transaction.  If we assume the sender and receiver are expending
equal resources we just doubled the cost to spammers.  I suspect
that would be a non-issue to the spammers.  It's still orders of
magnitude cheaper than direct mail, or TV or any of the alternatives.
I don't think any of us want to 'rewire' the net to provide a
settlement system that in the end would only legitimize spam, and
likely increase the amount most users receive.

-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org