Re: [Asrg] request for review for a non FUSSP proposal

Rich Kulawiec <rsk@gsp.org> Sun, 28 June 2009 19:06 UTC

Return-Path: <rsk@gsp.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2123C3A6B0A for <asrg@core3.amsl.com>; Sun, 28 Jun 2009 12:06:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.513
X-Spam-Level:
X-Spam-Status: No, score=-6.513 tagged_above=-999 required=5 tests=[AWL=0.086, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iGpIOWBbagbr for <asrg@core3.amsl.com>; Sun, 28 Jun 2009 12:06:14 -0700 (PDT)
Received: from taos.firemountain.net (taos.firemountain.net [207.114.3.54]) by core3.amsl.com (Postfix) with ESMTP id 4FBCB3A6A40 for <asrg@irtf.org>; Sun, 28 Jun 2009 12:06:13 -0700 (PDT)
Received: from squonk.gsp.org (bltmd-207.114.17.162.dsl.charm.net [207.114.17.162]) by taos.firemountain.net (8.14.1/8.14.1) with ESMTP id n5SJ6I2F008749 for <asrg@irtf.org>; Sun, 28 Jun 2009 15:06:20 -0400 (EDT)
Received: from avatar.gsp.org (avatar.gsp.org [192.168.0.11]) by squonk.gsp.org (8.14.1/8.14.1) with ESMTP id n5SJ1SWx022584 for <asrg@irtf.org>; Sun, 28 Jun 2009 15:01:28 -0400 (EDT)
Received: from avatar.gsp.org (localhost [127.0.0.1]) by avatar.gsp.org (8.14.3/8.14.3/Debian-4) with ESMTP id n5SJ6D9R019111 for <asrg@irtf.org>; Sun, 28 Jun 2009 15:06:13 -0400
Received: (from rsk@localhost) by avatar.gsp.org (8.14.3/8.14.3/Submit) id n5SJ6CYk019110 for asrg@irtf.org; Sun, 28 Jun 2009 15:06:12 -0400
Date: Sun, 28 Jun 2009 15:06:12 -0400
From: Rich Kulawiec <rsk@gsp.org>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <20090628190612.GG12932@gsp.org>
References: <4A3F9B2B.8020603@tana.it> <4A3FF3AF.9030401@telmon.org> <4A3FF7F1.1060705@nd.edu> <4A3FFB64.6030409@telmon.org> <20090622215251.GA2137@gsp.org> <4A400246.9060103@telmon.org> <1245709864.77647.26.camel@legolas.orthanc.ca> <E4491C663C5CE5D2397CAEDB@lewes.staff.uscs.susx.ac.uk> <4A40C3B4.5060103@telmon.org> <BD2863274B2CC4BD8F817C35@lewes.staff.uscs.susx.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <BD2863274B2CC4BD8F817C35@lewes.staff.uscs.susx.ac.uk>
User-Agent: Mutt/1.5.18 (2008-05-17)
Subject: Re: [Asrg] request for review for a non FUSSP proposal
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 28 Jun 2009 19:06:15 -0000

On Tue, Jun 23, 2009 at 04:18:43PM +0100, Ian Eiloart wrote:
> Still, we're already in a position where people are fearful of publishing 
> email addresses, so this spec might alleviate that problem. But, it isn't 
> fundamental to combatting spam.

You're correct that we're in that position: we see it everywhere,
from Google's needlessly-obfuscated Usenet archives (like spammers
don't have their own NNTP feeds and haven't already harvested all email
addresses long before Google publishes them) or the presence of
address-obfuscation code in mail archivers (e.g., even the notes
on the newest/development version of Mailman talk about the need
for such obfuscation).

And I _think_ we're in concurrence that it's a pointless waste of
code and effort: spammers either have or will have soon any address
that's actually used.  (And will successfully guess at many that exist
but aren't used.)

The meta-problem we face is that "cargo cult" mentality that persists
in the belief that it's possible to hide addresses from spammers.  I've
found it quite difficult to dislodge, and -- as I commented elsewhere --
am often by the irony that the people prattling the loudest about it
are running Windows on their desktop/laptop are thus stand a reasonable
chance of being the primary vector by which their address(es) is/are
harvested by spammers.

---Rsk