On 10/06/05, Andre Oppermann <nanog-list@nrg4u.com> wrote:
Everyone in the SPAMwar has to be aware that SPAM can't be stopped until its transaction costs approach that of the cheapest other advertising method. That can be snailmail spam, telephone terror^Wmarketing, whatever, you name it.
The issue of course is that by making it more expensive for senders of spam, you're making it just as expensive for senders of email
Each of them can contribute to a different part of the problem and none of them can fix the entire one. IETF MARID tried to stuff too many things into one of the above systems and failed.
Authentication without backing of a reputation is not too useful, as you say. The way AOL uses spf is to just use it to let people it wants to whitelist update their whitelist records with aol on the fly, so they dont have to open a ticket with AOL each time they add a new /24 worth of outbound servers for "high volume email deployment"
Each of them has its own unique advantages and disadvantages and tackles the problem on a different layer and is under different administrative control.
Nice. Only, all this falls totally in a technical space, where you need at least two other things (policy and user awareness) to flesh the picture out. I'll be teaching a short but quite general tutorial (~ 3 hours) on spam issues at apnic 20 in Hanoi this september, based mostly on a whole lot of conclusions I've drawn in my oecd paper http://www.oecd.org/dataoecd/5/47/34935342.pdf I've designed it just for this purpose - to let operators anywhere in the world use it, teach stuff based on it .. and I'd be obliged if people who do this stuff on the NOG circuit see fit to use it that way .. regards srs -- Suresh Ramasubramanian (ops.lists@gmail.com)