Barry, I have a wrench :) Everything looks like a nut to me. But in all seriousness. I have to agree with Barry's statement here. Spam is very much a social, political, ethical, and financial issue. Filters are static things, that have to be updated, and can't see every case that comes thru. Even the Habeas idea, while novel and interesting, requires people to do quasi technical things. The average user isn't going to do those things. Much spam comes from relay servers outside of north america, but is targetted towards us yanks. Until we make the social or financial impact real enough to stop the spammers, they will continue. Enough people respond to spam, that its worth it to them to sell there warez via this method. I think we geeks would spend better time, trying to help adjust the social and financial changes, instead of smashing on the the bolt with the hammer... A stab at defining SPAM: The sending of email to a person, where there is a financial gain (directly or indirectly) to the sender, and where the receiver did not expressly request such email. Please DO NOT reply to my definition on the NANOG list, else the NANOG police will get you..... john brown speaking for me On Mon, Aug 26, 2002 at 06:07:46PM -0400, Barry Shein wrote:
Point of Information:
Every single purely technical approach to stopping spam has been a complete loser.
I understand the old adage that when all you have is a hammer the whole world looks like a nail.
And that all many people on this list have is a technical hammer, some ability to hack around with cisco access lists or similar, so they tend to hold out hope that some new access list formula might be the one that saves the day (or similar, don't quibble the example!)
But spam is as much a socio-legal problem as a technical one which is why, I'd claim, it's been so completely resistant to all purely technical approaches thus far.
What we need are technical solutions which help with concomitant socio-legal solutions.
If you haven't noticed, the spammers are winning completely, the waters are rising rapidly.
More and more legitimate-sounding companies and products are spamming, and by and large the public perception in the non-anointed* business community are coming to the conclusion that they receive all this spam so it must be a legitimate form of advertising.
Let me throw out the following to show how blind the technical community has been:
There is no RFC or other public standards document which even attempts to define spam or explain, in a careful and professional manner, why it is a bad thing.
(before you say the obvious, that's not what RFCs are for, read, e.g., RFC 2964)
However, we expect lawmakers to recognize and define the problem and get it right when the engineers who understand the technology and problem, in nearly a decade of whining, can't even be bothered to provide them with robust definitions of what it is the whining is about.
Food for thought, that's all.
But, personally, I'm hesitant to spend my time trying to study the merits of yet another anti-spam miracle cure, even if it seems at first glance (like so many before) that it might foil some particular flavor of spam which has been prevalent in the past.
Now, after sitting through this extended, multi-day discussion of spam someone can send me the standard "discussion of spam is not a subject for nanog!" because I'm not a member of the amen crowd.
* "non-anointed": not a member of the technical community hence indoctrinated into a particular ethical view of what's right and wrong on the net.
-- -Barry Shein
Software Tool & Die | bzs@TheWorld.com | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*