(Hm. I wonder how far off topic we can go before Jeff pulls the plug on us.)
Earl Hood <[EMAIL PROTECTED]> writes: > Politics and democracy. Again, you must look beyond money. In the end, everything is economics. But I do not advocate kicking poor people off of the Net. I do advocate making them send their mail through their ISP's server. If their ISP is too irresponsible for that to work well, I advocate telling them to change ISPs. > > And the rest of us can help encourage such policies by blocking > > direct mail from dynamic ranges :-). > > I find this view naive. "Naive"? I thought I understood this stuff pretty well. I have certainly heard most of the arguments before... > See > <http://www.eff.org/Spam_cybersquatting_abuse/Spam/position_on_junk_email.html> ...like this one. While I respect the EFF, this piece was clearly written by someone with no experience managing a network in the modern world. My favorite sentence: "In addition, Netizens should express their dismay at spam by boycotting products advertised with spam." Oh yeah, that'll help. You say *my* view is naive? Reality check: The spam problem has gotten bad, far worse than most users realize. Talk to someone who does net ops for AOL, or Yahoo, or (in my case) Juno. Ask them how many millions of messages they block every day. Show them your EFF article and see what they say. (I do not work for Juno; I have a friend who does. He was the one who ultimately convinced me on these points.) End-user solutions are useful for sophisticated end users. But anyone who can configure a personal mail filter would never buy anything advertised in spam anyway. Ergo, such filters do nothing to reduce the financial incentive for sending spam. Ergo, they do nothing to reduce the amount of spam. So yes, I want to see spam filtering done without the user's knowledge or consent, as the intended targets for spam have no knowledge and are not qualified to consent. Because the sheer volume of spam (in Juno's case, over 80% of all inbound mail) is posing a real problem for networks and their admins. > You must be careful of the slippery-slope of anti-spam measures to > where many can be be abused and inhibit valid uses of the Net. Many > measure typically have side-effects of punishing the little guy. If the "little guy" is paying money to a spam-friendly ISP, then he deserves to be punished. Um, by the way, we have drifted pretty far from our discussion of blocking dynamic ranges, as the little guy can always use his ISP's mail server. So even if I sound like a raving lunatic now, it should not cloud the earlier point :-). As I mentioned, most blocklists are run by idiot children and are therefore awful. But that is very different from saying that all blocklists are awful. Some have decent policies, rigidly followed, and we would all be better off if we all used them. > I also recommend you check out IETF's Anti-spam Research Group > (ASRG) and their list archives. Anything in particular you recommend? > > It is actually better than that, because most ISPs now do some sort of > > antivirus filtering on their mail servers. > > Mail viruses is only one attach vector. Many worms attack systems > directly (e.g. MS RPC exploits) or through browser (IE) defects. > Therefore, mail filtering will not stop these kind of attacks. It will not stop the schoolyard bully from stealing your little brother's candy bar, either. We were discussing Email worms. > BTW, mail virus filters only work "after-the-fact". Ie. Systems > must get infected, and the detected, for anti-virus vendors to > provided updated dat files. Yeah, the real solution is to eliminate Microsoft. But for now, we must work with what we have. > And then, it becomes a race condition on how soon people and > organization update their dat files before they are infected. Since > I am still receiving Swen messages (i.e. the bogus "Microsoft > patch" updates), it is clear to me that relying on people to update > their dat files is doomed to failure. I was once receiving over 500 copies of Swen every day. Believe me, I sympathize. However, an ISP is much more likely to keep its machines update-to-date than an end user is. And Swen volume has gone way down for precisely this reason. - Pat _______________________________________________ Gossip mailing list [EMAIL PROTECTED] http://www.mail-archive.com/cgi-bin/mailman/listinfo/gossip
