Re: [Asrg] Adding a spam button to MUAs

Michael Thomas <mike@mtcc.com> Fri, 29 January 2010 17:23 UTC

Return-Path: <mike@mtcc.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C27CE3A6960 for <asrg@core3.amsl.com>; Fri, 29 Jan 2010 09:23:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.443
X-Spam-Level:
X-Spam-Status: No, score=-2.443 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, SUBJECT_FUZZY_TION=0.156]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3rPjxUYr5Jvc for <asrg@core3.amsl.com>; Fri, 29 Jan 2010 09:23:19 -0800 (PST)
Received: from mtcc.com (mtcc.com [64.142.29.208]) by core3.amsl.com (Postfix) with ESMTP id 9C5013A6837 for <asrg@irtf.org>; Fri, 29 Jan 2010 09:23:19 -0800 (PST)
Received: from piolinux.mtcc.com (65-172-208-49.dsl.volcano.net [65.172.208.49]) (authenticated bits=0) by mtcc.com (8.14.3/8.14.3) with ESMTP id o0THNeDx022093 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <asrg@irtf.org>; Fri, 29 Jan 2010 09:23:41 -0800
Message-ID: <4B63199A.4040200@mtcc.com>
Date: Fri, 29 Jan 2010 09:23:38 -0800
From: Michael Thomas <mike@mtcc.com>
User-Agent: Thunderbird 2.0.0.14 (X11/20080501)
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20100128173112.85215.qmail@simone.iecc.com> <4B61CC2F.404@mtcc.com> <20100129134451.GA27203@gsp.org>
In-Reply-To: <20100129134451.GA27203@gsp.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; l=3455; t=1264785822; x=1265649822; c=relaxed/simple; s=thundersaddle.kirkwood; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=mtcc.com; i=mike@mtcc.com; z=From:=20Michael=20Thomas=20<mike@mtcc.com> |Subject:=20Re=3A=20[Asrg]=20Adding=20a=20spam=20button=20t o=20MUAs |Sender:=20 |To:=20Anti-Spam=20Research=20Group=20-=20IRTF=20<asrg@irtf .org> |Content-Type:=20text/plain=3B=20charset=3DISO-8859-1=3B=20 format=3Dflowed |Content-Transfer-Encoding:=207bit |MIME-Version:=201.0; bh=bDvw6ziIoM7FpNZogKTKGZGAFV7VCGtVgJ3iLkSLtXs=; b=GuqXleSQ4yIxhll4wYO4s7xBw4VtDTf+C+Y17qAo6BAbaxRrE/hmc9teD3 e0t4NBnt56x3WMOP8NzXouOGYo7o/rL790cFBRHIA0xcZgbhMzuWD1xhEqzN bvzAxyURHUO5ZnlTM2i9a1wlchTng7qawdM2L8MGgB4Yz4y7vUv5U=;
Authentication-Results: ; v=0.1; dkim=pass header.i=mike@mtcc.com ( sig from mtcc.com/thundersaddle.kirkwood verified; ); dkim-asp=pass header.From=mike@mtcc.com
Subject: Re: [Asrg] Adding a spam button to MUAs
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2010 17:23:20 -0000

Rich Kulawiec wrote:
> On Thu, Jan 28, 2010 at 09:41:03AM -0800, Michael Thomas wrote:
>   
>> The entire thing strikes me as rather elitist: like only Certified Spamologists(tm)
>> can determine for you what you don't want to receive.
>>     
>
> Not quite.  But maybe so.
>
> We don't (at least I sure *hope* we don't) permit users to determine which
> packets will/won't be permitted into our networks.  We set those policies
> to maximize security, because we recognize that malicious/dubious network
> traffic is a threat.  So for example, we might have in place a mechanism
> which begins to reject ssh connection attempts after a certain number of
> failures.  There is no real difference between that and rejecting SMTP
> traffic -- recognizing that spam is *also* a security threat -- other than
> the application protocol involved.
>   

This is a strawman argument: nobody's saying that users should be the 
sole decider
of network badness. What you said however is that users should have NO 
INVOLVEMENT
in deciding what network things they want/don't want. In this particular 
case, the "don't
want" is the form of a button that users can express their displeasure 
that ultimately
effects some filtering goodness.

> Users are not qualified to make decisions about (for example) SSH traffic
> management in perimeter firewalls.  Nor are they qualified to make decisions
> about about SMTP traffic management in mail servers.  That is why they
> are users and not network/server managers.  (They probably get to make
> some other decisions that network/server managers don't.  It works both
> ways: each according to their expertise and responsibilities.)
>
> This is NOT the same thing as determining for a user (to go back to your
> remarks) what "[they] don't want to receive". That's a personal preference
> and users are of course free to formulate/express it as they wish.
>
> I don't think this is elitist, I think it's a matter of recognizing that
> the spam/not-spam classification process requires expertise *vastly* in
> excess of that possessed by almost all users.  
The problem I have here is that your taxonomy has SPAM and HAM branching 
out very
early from the tree of email, where only paelospamologists with the 
proper qualifications
ought to be given any credence as to where they fit in the family tree. 
My position is that
the entire idea of this taxonomy is silly, and the paleospam theory is 
not very helpful in the
larger problem of "filter mail I don't want to see". The theory does 
lead to a full employment
act for the paleospamologist priesthood though. Giving the laity any say 
is a threat, even though
the laity is the only place you can possibly get the raw input for the 
filtering we want rather than
what is given to us on high.

The question should always be: "does user X want this mail?" rather than 
"this mail is spam/ham
in absolute terms". The sooner we get beyond the paleospamogist 
priesthood, the sooner we get
on with the actual job of building products for its users rather than 
the various other vested interests.

Mike

Mike


> This is not their "fault"
> per se because it's not a fault: it's simply a lack of area-specific
> experience and knowledge.
>   

> ---Rsk
> _______________________________________________
> Asrg mailing list
> Asrg@irtf.org
> http://www.irtf.org/mailman/listinfo/asrg
>