Re: [Asrg] request for review for a non FUSSP proposal

Alessandro Vesely <vesely@tana.it> Mon, 22 June 2009 14:54 UTC

Return-Path: <vesely@tana.it>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C75233A6CEA for <asrg@core3.amsl.com>; Mon, 22 Jun 2009 07:54:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.208
X-Spam-Level:
X-Spam-Status: No, score=0.208 tagged_above=-999 required=5 tests=[AWL=-0.678, BAYES_00=-2.599, DEAR_SOMETHING=1.605, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qs63FftpXEnU for <asrg@core3.amsl.com>; Mon, 22 Jun 2009 07:54:24 -0700 (PDT)
Received: from wmail.tana.it (mail.tana.it [62.94.243.226]) by core3.amsl.com (Postfix) with ESMTP id A7C8C3A6C3A for <asrg@irtf.org>; Mon, 22 Jun 2009 07:54:24 -0700 (PDT)
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 ale@tana.it, TLS: TLS1.0, 256bits, RSA_AES_256_CBC_SHA1) by wmail.tana.it with esmtp; Mon, 22 Jun 2009 16:54:36 +0200 id 00000000005DC031.000000004A3F9B2C.00004326
Message-ID: <4A3F9B2B.8020603@tana.it>
Date: Mon, 22 Jun 2009 16:54:35 +0200
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Thunderbird 2.0.0.21 (Windows/20090302)
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <4A3DFC91.2090506@telmon.org>
In-Reply-To: <4A3DFC91.2090506@telmon.org>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] request for review for a non FUSSP proposal
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jun 2009 14:54:25 -0000

Claudio,
I've skimmed part of your paper, and I think your framework has a 
problem in the transition to consent-enabled mailboxes: When users 
switch their mailboxes to consent-enabled, they lose the ability to 
receive any message from consent-unaware senders, including friends, 
business contacts, mailing lists, banks and similar notification 
services, reminders, cell phones, etcetera. Most of them will end up 
having a second mailbox which is not consent-enabled, or functionally 
similar arrangement, resulting in two streams of messages. They'll 
have to watch both streams and will find wanted and unwanted messages 
in each one. (Well, the consent-enabled stream will have to wait for 
spammers to become aware of the X-Consent-request header to get much 
unwanted stuff.) Since any other action will be performed as usual, 
there will be no visible advantage resulting from the framework. That 
state of affairs will never be an incentive for widespread adoption, 
and, on the other hand, without widespread adoption the framework will 
always require that disappointing stream doubling.

-------- Original Message --------
Subject: [Asrg] request for review for a non FUSSP proposal
Date: Sun, 21 Jun 2009 11:25:37 +0200
From: Claudio Telmon <claudio@telmon.org>
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
To: asrg@irtf.org

Dear Sirs,
I've developed a proposal for an extension to the SMTP protocol that
should provide to address owners the ability to express consent to
delivery of messages in their mailboxes. While it is not the Ultimate
Solution to the Spam Problem, and strictly speaking it is not even an
antispam solution, it could help reducing spam. I already discussed my
proposal with some researchers, which judged it positively, but which
didn't have a very specific competence.
I think that my proposal could be of some interest for the ASRG
community, and I'm looking for comments and advise.

The paper is in html and pdf at
http://www.telmon.org/consent/smtp-consent-1.1.html
and
http://www.telmon.org/consent/smtp-consent-1.1.pdf

The paper is quite long, as I tried to anticipate most of the
implementation and deployment issues, but the idea is quite simple and
not really new, since it is very similar to "ham passwords". If you just
want to see what it's all about, you could just read the "Introduction"
and "General overview of the framework" sections, and maybe the
"Deployment of the framework" section at the end of the document.

Thanks in advance for any comments or suggestions you can provide me.

Sincerely,

- Claudio Telmon

-- 

Claudio Telmon
claudio@telmon.org
http://www.telmon.org