IETF Logo Mail Archive

Re: [Asrg] Summary/outline of why the junk button idea is pre-failed

Ian Eiloart <iane@sussex.ac.uk> Wed, 03 March 2010 11:40 UTC

Return-Path: <iane@sussex.ac.uk>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5971128C314 for <asrg@core3.amsl.com>; Wed, 3 Mar 2010 03:40:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.789
X-Spam-Level:
X-Spam-Status: No, score=-2.789 tagged_above=-999 required=5 tests=[AWL=-0.346, BAYES_00=-2.599, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PqsU4BgBDQcj for <asrg@core3.amsl.com>; Wed, 3 Mar 2010 03:40:50 -0800 (PST)
Received: from sivits.uscs.susx.ac.uk (sivits.uscs.susx.ac.uk [139.184.14.88]) by core3.amsl.com (Postfix) with ESMTP id CF07D3A7EBD for <asrg@irtf.org>; Wed, 3 Mar 2010 03:40:49 -0800 (PST)
Received: from lewes.staff.uscs.susx.ac.uk ([139.184.135.133]:64902) by sivits.uscs.susx.ac.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.64) (envelope-from <iane@sussex.ac.uk>) id KYPF64-000636-KG for asrg@irtf.org; Wed, 03 Mar 2010 11:42:04 +0000
Date: Wed, 03 Mar 2010 11:40:50 +0000
From: Ian Eiloart <iane@sussex.ac.uk>
Sender: iane@sussex.ac.uk
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <185A808E884A27C3495A8BBD@lewes.staff.uscs.susx.ac.uk>
In-Reply-To: <20100302131810.GA22938@gsp.org>
References: <20100302131810.GA22938@gsp.org>
Originator-Info: login-token=Mulberry:01GAHBnYFiLwJZbhX/hCeLdjQQfnni93snjWw=; token_authority=support@its.sussex.ac.uk
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Sussex: true
X-Sussex-transport: remote_smtp
Subject: Re: [Asrg] Summary/outline of why the junk button idea is pre-failed
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Mar 2010 11:40:51 -0000

--On 2 March 2010 08:18:10 -0500 Rich Kulawiec <rsk@gsp.org> wrote:

> I'm going to try to summarize and enumerate some of the arguments against
> the general idea of a report-as-spam button.  My position is that several
> of these points (individually) make the case that it's a truly bad idea
> and should be abandoned immediately and permanently, and that
> collectively, they're an overwhelming rationale.  Others differ, of
> course.
>
> This is a *summary* and not an attempt to provide every nuance
> of every argument, so nitpicking is discouraged.  You may rest
> assured that I read the traffic on this list and have been paying
> close attention to the spam problem for the past several decades. ;-)
>
> 1. User incompetence

Crowd sourcing should be used to gather confidence in reports when they're 
many. Admin inspection can be used when they're few.

> 2. User time

Nobody is asking them to classify every message. This is tool that they can 
choose to use, or not. Indeed, the mechanisms that we're discussing are 
about how the user system can communicate classification to the 
administrator. This could be done by the user client filter. Remember, the 
user is already trusting the filter to hide email.

> 3. User exposure
>
> 	Many clueless users, unfortunately, use web browsers or otherwise
> 	HTML-enabled mail clients to read their mail.  (Of course we can
> 	safely presume that competent professional postmasters or abuse
> 	desk personnel don't do this, but the report-as-spam button is
> 	intended for the masses, and they, sadly, do.)
>
> 	It is certain that in the process of trying to perform classification
> 	tasks, they'll click on links "just to see what's there".  This
> 	not only provides very useful information to spammers, but it will
> 	assist phishers, trojan downloaders and others whose goal isn't
> 	really spamming per se, but using spamming to penetrate
> 	systems/networks or perform reconnaissance on them.

That depends on where the reports go. On my system, they'll be coming to 
me.

>
> 4. User influence on security policy

> 	Anti-spam defenses are similar to firewall rules: they control
> 	site security.	End-users should not be permitted to override
> 	or otherwise modify firewall settings: neither should they
> 	be permitted to override or otherwise modify anti-spam settings.
> 	First, because it's not their job, second, because they're
> 	not responsible for the consequences, third, because they
> 	lack expertise in this area.
>
> 	(This is not to say that they shouldn't have input.  But all such
> 	input should be manually, carefully reviewed by qualified and very
> 	skeptical personnel before any decisions are made about using it.)

Ah, so that's not an argument against providing a junk button at all, 
merely a caution. Noted.

> 5. Duplicates existing functionality
>
> 	All competently-run sites support the RFC 2142-stipulated
> 	"abuse" role address and have appropriately experienced,
> 	trained, qualified and diligent staff reading every message
> 	sent there.  It's trivially easy for any user to forward
> 	questionable mail traffic (with full headers of course)

Right, but most don't know that the address exists, and don't know what 
full headers are. A junk button *could*  (A) expose the reporting mechanism 
to the user, and (B) ensure that the reports are useful by ensuring that 
they include full headers.

In fact, I think that you've just given a convincing argument FOR a junk 
mail button.

> to	the abuse address of their own mail provider, who can then
> 	decide what to do about it.  These personnel are far better
> 	situated to decipher headers, correlate against logs,
> 	assess threat severity, etc.  They're also much less likely --
> 	presuming that they're competent -- to hand over useful
> 	information to the enemy.  See next point as well.
>
> 6. Free useful intelligence for spammers
>

My reports won't be going to spammers. Have you really been reading this 
thread?

> 7. Creating more Internet mail traffic is a bad move

Agreed. That's why I'm advocating IMAP flags or annotations as a better 
solution.

> 8. Report-as-spam button repurposed as weapon
>
> 	We've already seen how spammers have repurposed any number of
> 	ill-conceived anti-spam concepts (e.g., SAV) as weapons.
> 	They'll do that with this too, should it profit them to do so.
> 	I trust at least a few methods are obvious on inspection;
> 	there's also a few non-obvious ones that I will not be discussing
> 	on a public mailing list, some of which relate to the next point.
>
> 9. The zombie problem
>

Again, the mechanism should only generate reports to the administrator, and 
the administrator needs to have quality assurance mechanisms in place. 
You've suggested some. Others are available.



-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/

v2.23.0 | Report a Bug | By Email