Re: [Asrg] A Vouch By Feedback proposal

Claudio Telmon <claudio@telmon.org> Wed, 08 July 2009 08:48 UTC

Return-Path: <claudio@telmon.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D27EC3A6DDC for <asrg@core3.amsl.com>; Wed, 8 Jul 2009 01:48:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.536
X-Spam-Level:
X-Spam-Status: No, score=-0.536 tagged_above=-999 required=5 tests=[AWL=0.183, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H35WtnAzPCZg for <asrg@core3.amsl.com>; Wed, 8 Jul 2009 01:48:12 -0700 (PDT)
Received: from slim-4a.inet.it (slim-4a.inet.it [213.92.5.126]) by core3.amsl.com (Postfix) with ESMTP id 927B63A69EB for <asrg@irtf.org>; Wed, 8 Jul 2009 01:48:11 -0700 (PDT)
Received: from 88-149-251-67.dynamic.ngi.it ([::ffff:88.149.251.67]) by slim-4a.inet.it via I-SMTP-5.6.0-560 id ::ffff:88.149.251.67+N64U65bpu5W; Wed, 08 Jul 2009 10:47:37 +0200
Message-ID: <4A545D29.2010908@telmon.org>
Date: Wed, 08 Jul 2009 10:47:37 +0200
From: Claudio Telmon <claudio@telmon.org>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.22) Gecko/20090608 Lightning/0.8 Thunderbird/2.0.0.22 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20090623213728.1825.qmail@simone.iecc.com> <4A41D773.50508@telmon.org> <4A41E506.2010106@mines-paristech.fr> <20090624160052.B5DC62428A@panix5.panix.com> <4A426B9D.7090901@mines-paristech.fr> <4A43618A.6000205@tana.it> <4A4F7DD0.4040404@billmail.scconsult.com> <4A51D35E.70306@tana.it> <4A52C36D.6040207@billmail.scconsult.com> <4A532344.5010509@tana.it> <4A53AC55.8030801@cybernothing.org> <4A5450B9.1050306@tana.it>
In-Reply-To: <4A5450B9.1050306@tana.it>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] A Vouch By Feedback proposal
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jul 2009 08:48:12 -0000

Alessandro Vesely wrote:
> J.D. Falk wrote:
...
>> Here you're getting out of the technology, and into dictating
>> behavior. I wouldn't be surprised if the agreements between message
>> sender, voucher, and message receiver end up looking something like
>> what you describe, but the technology should be agnostic and let those
>> three parties make any agreement they feel is appropriate for their
>> individual situations.
> 
> Agreed. In that respect, a voucher can mandate that behavior even using
> the existing VBR standard. Only the destination of complaints deserves
> further standardization. Standard AFR is on its way, isn't it?
> 
> Dictating behavior should be done by lawmakers, of course. However, they
> cannot write the standards, and may encounter difficulties even in
> identifying the items that populate cyberspace. It seems a somewhat
> tighter cooperation is required in order to sort out an effective
> anti-spam regulation.

I think this is a point that needs clarification, but maybe this has
already been discussed in some previous thread. Many of the protocols
proposed here seem to provide accountability. Accountability is not, per
se, an antispam solution. Accountability + some e.g. banning enforcement
mechanism can be. Unless enforcement is an automatic and trivial
consequence of the protocol, I think that it is appropriate to discuss
how it can be achieved and realistic. Otherwise, we could end up with
completely useless protocols. I would dare to say that if enforcement
were trivial, we wouldn't have botnets, which are already illegal.
So I think it was appropriate for Alessandro to describe at least one
way the accountability can be used for enforcement, and thus as
antispam, since it makes a lot of difference if enforcement is expected
to be between ESP and ESP, between an ESP and its customers, between law
enforcement agencies and ESPs, or between law enforcement agencies and
the citizens.

-- 

Claudio Telmon
claudio@telmon.org
http://www.telmon.org