RE: [Asrg] Consent Proposal
"Peter Kay" <peter@titankey.com> Fri, 27 June 2003 03:54 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA03692 for <asrg-archive@odin.ietf.org>; Thu, 26 Jun 2003 23:54:37 -0400 (EDT)
Received: (from exim@localhost) by www1.ietf.org (8.11.6/8.11.6) id h5R3sAo02519 for asrg-archive@odin.ietf.org; Thu, 26 Jun 2003 23:54:10 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19VkJO-0000eY-00 for asrg-web-archive@optimus.ietf.org; Thu, 26 Jun 2003 23:54:10 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA03680; Thu, 26 Jun 2003 23:54:06 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19VkJL-0000tH-00; Thu, 26 Jun 2003 23:54:07 -0400
Received: from ietf.org ([132.151.1.19] helo=optimus.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19VkJF-0000tD-00; Thu, 26 Jun 2003 23:54:01 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19VkJF-0000YR-7P; Thu, 26 Jun 2003 23:54:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19VkIQ-0000Y0-Q2 for asrg@optimus.ietf.org; Thu, 26 Jun 2003 23:53:10 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA03670 for <asrg@ietf.org>; Thu, 26 Jun 2003 23:53:07 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19VkIO-0000t0-00 for asrg@ietf.org; Thu, 26 Jun 2003 23:53:08 -0400
Received: from imail.centuryc.net ([216.30.168.20] helo=isp-appsvr01.centuryc.com) by ietf-mx with esmtp (Exim 4.12) id 19VkID-0000so-00 for asrg@ietf.org; Thu, 26 Jun 2003 23:52:57 -0400
Received: from cybercominc.com [66.91.134.126] by isp-appsvr01.centuryc.com (SMTPD32-8.00) id AFD29E800F2; Thu, 26 Jun 2003 17:53:54 -1000
Received: from a66b91n134client123.hawaii.rr.com (66.91.134.123) by cybercominc-zzt with SMTP; Fri, 27 Jun 2003 03:57:54 GMT
X-Titankey-e_id: <28b6d3a5-454c-47ca-bd3f-f16fac911a3f>
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [Asrg] Consent Proposal
X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0
Message-ID: <DD198B5D07F04347B7266A3F35C42B0B0FD07E@io.cybercom.local>
Thread-Topic: [Asrg] Consent Proposal
thread-index: AcM8KZ2UwYMM3kR+TI6FRRIpmX/GFAANKXRQ
From: Peter Kay <peter@titankey.com>
To: Yakov Shafranovich <research@solidmatrix.com>, asrg@ietf.org
Content-Transfer-Encoding: quoted-printable
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Thu, 26 Jun 2003 17:53:46 -1000
Content-Transfer-Encoding: quoted-printable
Content-Transfer-Encoding: quoted-printable
I think you've got the beginning of a consent-based framework. I like it. What I'm getting out of this is: A. there exists a plug-in infrastructure that can run on MUA or MTA (ISP). B. each plug-in provides for some type of policy definition, related to the plugins purpose. This can range from filtering to CR to all the other methods mentioned below. C. each plug-in can be configured by a hierarchy. Starting w/ the ISP (for instance), then perhaps a domain-level admin (for corporate applications0 and then the end-user. We can decide on varying levels of defaults or override capability so that for example if an ISP whitelists a source, the end-user may have the option to blacklist it. To me, this reinforces what I've seen over the past few months on this group: 1. no one can agree what spam is. So at the end of the day, the user has to have the power to decide. This is in line w/ the charter. 2. no one technological approach "religion" (i.e. filtering, C/R, etc) is adequate to deal with the general problem of "unwanted email". 3. spammers will change their methods as time goes on, so the architecture must allow for that. In addition, a consent-based framework allows for multiple vendors to participate. If we can create some sort of "email bus" I think it has a lot of potential. Peter Kay President TitanKey Software Web: www.titankey.com The only technology that stops spam BEFORE it's even sent > -----Original Message----- > From: Yakov Shafranovich [mailto:research@solidmatrix.com] > Sent: Thursday, June 26, 2003 11:23 AM > To: asrg@ietf.org > Subject: [Asrg] Consent Proposal > > > I would like to provide a generic proposal for consent-based > system as per > charter: > > 1. Users and/or ISP define rules and filters to filter > incoming email. > Rules/filters are decided by end users and ISPs, and are not > mandated. > Every user/ISP can define its own policies ranging from > banning all email > not digitally signed to blocking HTML. > 2. For each email user, the MUA or the ISP maintains a > whitelist of trusted > senders, blacklist of blocked senders and a graylist of > unknown senders. > Whitelisted senders go the inbox, graylisted senders go to > the bulk folder, > and blacklisted senders are either in the spam folder or > erased. 3. Whitelists are not only a list of email addresses > of trusted senders, > but to avoid sender spoofing also have additional features > such as digital > signatures, certificates, passwords, tokens, etc. > 4. Additional automatic whitelist rules are defined as such > email from > trusted senders (e.g. Habeas) is automatically goes to the > inbox unless > blacklisted, etc. C/R systems are also integrated and upon > receiving a > positive response automatically whitelist the sender. > 5. Additional automatic blacklist rules are defined such as > email coming > from known open relays is blocked. > 6. Whitelists, graylists and blacklists are stored hashed or > encrypted to > protect privacy. > > Any thoughts? > > Yakov > > > _______________________________________________ > Asrg mailing list > Asrg@ietf.org > https://www1.ietf.org/mailman/listinfo/asrg > > > _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- RE: [Asrg] Consent Proposal Peter Kay
- [Asrg] Consent Proposal Mark McCarron
- Re: [Asrg] Consent Proposal Jon Kyme
- [Asrg] Trust, misunderstood? Danny Angus
- [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Jon Kyme
- Re: [Asrg] Consent Proposal Barry Shein
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Peter Kay
- Re: [Asrg] Consent Proposal Selby Hatch
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Vernon Schryver
- RE: [Asrg] Consent Proposal Peter Kay
- RE: [Asrg] Consent Proposal Peter Kay
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Peter Kay
- [Asrg] Consent Proposal gep2
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Bob Wyman
- Anticipatory whitelisting (was Re: [Asrg] Consent… Bruce Stephens
- Re: [Asrg] Consent Proposal Jon Kyme
- Re: [Asrg] Consent Proposal Jon Kyme
- Re: RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Barry Shein
- RE: [Asrg] Consent Proposal Peter Kay
- Re: [Asrg] Consent Proposal Walter Dnes
- Re: RE: [Asrg] Consent Proposal Jon Kyme
- Re: [Asrg] Consent Proposal Jon Kyme
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Fwd: Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Fwd: Re: [Asrg] Consent Proposal Yakov Shafranovich
- Fwd: Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: Fwd: Re: [Asrg] Consent Proposal Craig Cockburn
- Re: Fwd: Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: Anticipatory whitelisting (was Re: [Asrg] Con… Yakov Shafranovich
- Re: Fwd: Re: [Asrg] Consent Proposal Jon Kyme
- Re: [Asrg] Consent Proposal Danny Angus
- RE: Fwd: Re: [Asrg] Consent Proposal Jon Kyme
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Bob Wyman
- RE: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Howard Roth
- Re: RE: [Asrg] Consent Proposal Jon Kyme
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- RE: [Asrg] Consent Proposal Danny Angus
- Re: [Asrg] Consent Proposal Markus Stumpf
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Consent Proposal Danny Angus
- Re: [Asrg] Consent Proposal Markus Stumpf
- Re: [Asrg] Consent Proposal C. Wegrzyn
- Re: [Asrg] Consent Proposal Markus Stumpf
- Re: [Asrg] Consent Proposal C. Wegrzyn
- Re: [Asrg] Consent Proposal Markus Stumpf
- Re: [Asrg] Consent Proposal C. Wegrzyn
- Re: [Asrg] Consent Proposal Yakov Shafranovich
- Re: [Asrg] Trust, misunderstood? Yakov Shafranovich
- Re: [Asrg] Trust, misunderstood? C. Wegrzyn