[Asrg] Email service assumptions and making system-wide changes
Dave Crocker <dhc@dcrocker.net> Mon, 16 January 2006 19:32 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Eya5q-000080-Vx; Mon, 16 Jan 2006 14:32:42 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1Eya5p-00007v-NV for asrg@megatron.ietf.org; Mon, 16 Jan 2006 14:32:41 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA09184 for <asrg@ietf.org>; Mon, 16 Jan 2006 14:31:16 -0500 (EST)
Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EyaDn-00078C-I7 for asrg@ietf.org; Mon, 16 Jan 2006 14:40:57 -0500
Received: from [192.168.0.2] (adsl-71-131-32-235.dsl.sntc01.pacbell.net [71.131.32.235]) (authenticated bits=0) by sb7.songbird.com (8.12.11/8.12.11) with ESMTP id k0GJXA9Q028543 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <asrg@ietf.org>; Mon, 16 Jan 2006 11:33:10 -0800
Message-ID: <43CBF4CD.30708@dcrocker.net>
Date: Mon, 16 Jan 2006 11:32:29 -0800
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Thunderbird 1.5 (Windows/20051025)
MIME-Version: 1.0
To: asrg@ietf.org
References: <OF4768D65E.ECA3CB39-ON802570F8.004A9BA8-802570F8.004AA408@slc.co.uk>
In-Reply-To: <OF4768D65E.ECA3CB39-ON802570F8.004A9BA8-802570F8.004AA408@slc.co.uk>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-SongbirdInformation: support@songbird.com for more information
X-Songbird: Found to be clean
X-Songbird-From: dhc@dcrocker.net
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 92df29fa99cf13e554b84c8374345c17
Content-Transfer-Encoding: 7bit
Subject: [Asrg] Email service assumptions and making system-wide changes
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/asrg>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
Sender: asrg-bounces@ietf.org
Errors-To: asrg-bounces@ietf.org
Folks,
>>From a "pure" point of view, it is clear that unwanted email never even
> entered the equation when the requirements for email were first drawn up by
> those pioneering boffins. They tacitly assumed that everyone who used email
> would be like them and not even consider doing anything other than to play
> nice together.
...
> Sadly, and all of us here know it, the real answer to spam requires us to
> re-analyse the requirements for electronic messaging and consider processes
> for authenticating identity and for handling unwanted mail and malicious
> content. We could probably knock together a modern interoperability
> specification which would accomodate these, and many other, factors but
> what use would it be? We would then have to convince every user of mail to
> upgrade their software, and if we manage that what cost would it have?
Both of these statements suffer from being both true and misleading.
On the truth of the historical "deficiency" of initial requirements there was
pretty much nothing all that organized about the effort, anymore than the
current web represents a coherent requirements statement, formulated during
initial development.
The nature of Internet applications is that they go through incremental change
over extended periods of time, both adapting to changes in the environments and
adding mechanisms to support added functionality. Much like a social process...
Folks need to observe that the other global communications services lack the
kinds of authentication mechanisms that are so readily claimed to be "essential"
for today's proper Internet mail operation. That those other services have
other features, which tend to mitigate the abuses that dominate Internet mail,
is a matter of accident, rather than planning.
On the matter of a redesign, we have two problems:
1. It is not clear that it is needed. Those claiming the need for a redesign
take it on faith that one is needed. This is akin to ready-shoot-aim. A
re-design effort makes sense only after two pre-conditions are met:
a) new requirements are formulated and gain community consensus, and
b) attempts are made to retrofit the existing service to satisfy those
requirements, but the efforts fail.
So far, we have been astonishingly successful at adding capabilities to Internet
mail, so I strongly suspect that the real problem is in formulating the
requirements. This leads to the second, basic problem:
2. We do not know what changes will have long-term efficacy, without also
causing long-term damage. We need to ensure continued use of email for current
and future purposes. Email fits into a complex human communication fabric that
is dominated by human and group dynamics, and therefore is frankly not well
understood. Change any interesting system -- especially one that is poorly
understood -- and the changes will always have unintended consequences, most of
which will be undesirable. That argues strongly for taking small steps, and
taking them very, very carefully.
The heuristic I use for considering system-wide responses to spam, and the like,
is to ask whether the feature would be good to have, even if abuses were not a
major problem. Hence, current abuses serve merely as motivators.
d/
ps. Some of the above is predictably redundant with
<http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_8-4/anti-spam_efforts.html>.
--
Dave Crocker
Brandenburg InternetWorking
<http://bbiw.net>
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] Re: Bots Frank Ellermann
- [Asrg] Spam, why is it still a problem? Craig Cockburn
- Re: [Asrg] Spam, why is it still a problem? der Mouse
- Re: [Asrg] Spam, why is it still a problem? Tom Petch
- Re: [Asrg] Spam, why is it still a problem? Danny Angus
- Re: [Asrg] Spam, why is it still a problem? Andrew W. Donoho
- Re: [Asrg] Spam, why is it still a problem? Dave Crocker
- [Asrg] Re: Spam, why is it still a problem? Frank Ellermann
- Re: [Asrg] Spam, why is it still a problem? Barry Shein
- RE: [Asrg] Spam, why is it still a problem? Hallam-Baker, Phillip
- Re: [Asrg] Spam, why is it still a problem? Seth Breidbart
- [Asrg] Email service assumptions and making syste… Dave Crocker
- Re: [Asrg] Email service assumptions and making s… Barry Shein
- [Asrg] Re: Email service assumptions and making s… Frank Ellermann
- Re: [Asrg] Email service assumptions and making s… Seth Breidbart
- Re: [Asrg] Email service assumptions and making s… Douglas Otis
- Re: [Asrg] Email service assumptions and making s… Barry Shein
- Re: [Asrg] Email service assumptions and making s… Seth Breidbart
- [Asrg] Re: Spam, why is it still a problem? Stephane Bortzmeyer
- Re: [Asrg] Re: Spam, why is it still a problem? Gadi Evron
- [Asrg] Re: Spam, why is it still a problem? Stephane Bortzmeyer
- Re: [Asrg] Re: Spam, why is it still a problem? Tom Petch
- Bots was Re: [Asrg] Email service assumptions and… Tom Petch
- Re: [Asrg] Email service assumptions and making s… John Levine
- Re: Bots was Re: [Asrg] Email service assumptions… John Levine
- Re: [Asrg] Email service assumptions and making s… Barry Shein
- Re: [Asrg] Email service assumptions and making s… Douglas Otis
- Re: Bots was Re: [Asrg] Email service assumptions… Barry Shein
- [Asrg] Re: Bots Frank Ellermann
- RE: [Asrg] Re: Bots Larry Seltzer
- Re: [Asrg] Re: Bots Douglas Otis
- Re: [Asrg] Re: Bots Seth Breidbart
- [Asrg] Re: Bots Frank Ellermann
- Re: [Asrg] Spam, why is it still a problem? Craig Cockburn
- [Asrg] Re: Bots Frank Ellermann
- Re: [Asrg] Re: Spam, why is it still a problem? Craig Cockburn
- RE: [Asrg] Re: Bots Larry Seltzer
- Re: [Asrg] Re: Bots Gadi Evron
- Re: [Asrg] Re: Spam, why is it still a problem? Douglas Otis
- Re: [Asrg] Spam, why is it still a problem? John Levine
- Re: [Asrg] Spam, why is it still a problem? Craig Cockburn
- Re: [Asrg] Re: Spam, why is it still a problem? Craig Cockburn
- Re: [Asrg] Spam, why is it still a problem? Danny Angus
- Re: [Asrg] Email service assumptions and making s… Danny Angus
- Re: [Asrg] Email service assumptions and making s… Danny Angus
- Re: [Asrg] Spam, why is it still a problem? John Levine
- Re: [Asrg] Spam, why is it still a problem? John Levine
- Re: [Asrg] Email service assumptions and making s… Seth Breidbart
- Re: [Asrg] Spam, why is it still a problem? Craig Cockburn
- Re: [Asrg] Spam, why is it still a problem? Bill Cole
- Re: [Asrg] Spam, why is it still a problem? John Levine
- Re: [Asrg] Spam, why is it still a problem? Barry Shein
- Re: [Asrg] Email service assumptions and making s… Barry Shein
- Re: [Asrg] Email service assumptions and making s… Laird Breyer
- [Asrg] Re: Email service assumptions and making s… Frank Ellermann
- Re: [Asrg] Email service assumptions and making s… Danny Angus
- Re: [Asrg] Spam, why is it still a problem? John Levine
- RE: [Asrg] Re: Spam, why is it still a problem? Wesley Peters
- Re: [Asrg] Spam, why is it still a problem? Dave Crocker
- Re: [Asrg] Email service assumptions and making s… Dave Crocker
- Re: [Asrg] Spam, why is it still a problem? Danny Angus