RE: [Asrg] Several Observations and a solution that addresses them all

[Kee Hinckley <nazgul@somewhere.com>]

At 1:10 PM -0500 3/11/03, Jason Hihn wrote:
>I don't share in your pessimism. If we can make reasonable assurances that
>in 5 years spam is a thing of the past, then I think we'll hop on board.
>
>According to your logic, we should never buy houses because it will never
>pay off. We should just stick to renting, because it's cheap and it works
>well enough.

I'll try one more time.

1. The benefits of buying a house are immediate.
2. The benefits of buying a house do not depend on everyone else 
buying a house.
3. The buyer of a house is not faced with a choice of multiple 
houses, only one of which will be liveable in five years.

If those were not the case--people would rent.

I think maybe you're thinking that it isn't a gamble, because all the 
ISPs will get together and agree to do something.  But that won't 
happen, because there are plenty of ISPs who aren't going to play the 
game.  If we could rely on all the ISPs to agree on something, we 
wouldn't have a problem right now, because they would have agreed not 
to allow spammers on their networks.  However there are clearly ISPs, 
and entire countries, who have decided that it is to their benefit to 
spam.  Other's are caught in unfortunately legal agreements.  Still 
others simply don't know they are being taken advantage of.  Your 
proposal is not going to change any of that, and it won't be 
effective until the number of authenticated messages so overwhelms 
the non-authenticated that we can afford to block them.  Read what 
people have said about acceptable false-positive rates.

Alternatively, you believe that if we make it a standard, they will 
come.  There are lots of standards out there.  Lots of RFCs.  Which 
one will be implemented is a completely different question.  Back in 
1989 I co-founded a company that made a multimedia email client and 
server that ran on Unix.  There was a Unix desktop standard.  RFC1154 
gave us a standard for multimedia attachments.  And for those people 
who were going to use the new international standard for email, 
X.400, we supported that as well.  Everyone agreed that Unix on the 
desktop was going to take off and the standards organizations were 
all pointing at X.400 as the future.  We made that gamble because we 
were three guys working out of our living rooms.  Established 
companies don't take that kind of risk.  The payoff is not worth it. 
And in that case they would have been right.  MIME replaced RFC1154. 
Unix *still* isn't a desktop operating system.  And X.400 died a 
well-deserved death.

I think authentication is the way to go as well.  But we have to find 
a method that has immediate benefits to the people who have to do the 
work and pay the cost.  That's why I'm focused on the idea of 
requiring authentication only for bulk mailers, and using existing 
tools to identify what messages are bulk.  I'm not convinced that it 
will work.  But I am convinced that it applies the changes in the 
places where people are incented to make them.
-- 
Kee Hinckley
http://www.puremessaging.com/        Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg