SPAM is neither stricly legal or technical nor social problem, but preventing it is a challenge in technical, legal and social areas. Social challenge (stopping spam before it happened): Educate people and companies about harm of SPAM, educate users not to accept something that spammer may offer and companies from providing advertising revenue to spammers. Technical challenge (stop spam from being delivered): Try to prevent spammers from being able send email directly to ISP servers and make best effort to prevent spammers from abusing other system resources. Legal challenge (stop spam after its delived by provide ways to compensate for harm that was done): Define what SPAM, outlaw it and provide legal mechanisms to go after spammers. Provide working legal mechanisms for prosecuting those that abuse network resources and ways to compensate owner when it happens. Neither of the above is sufficient on itself but all together it should allow us to stop it. I'm engineer - that is why I want to focus on technical issue, if there are those who will do better at social or legal challenge I welcome your involvement there. On Wed, 21 Aug 2002, batz wrote:
On Wed, 21 Aug 2002, Gary E. Miller wrote:
:> Spam would not exist if both MUA's and MTA's had adequate policy :> enforcement features on them, so that users could set granular :> controls on what was allowed into their mailboxes. : :Nice try, but not close enough. : :Spam is a LEGAL problem.
Actually, I'm bang on. :)
It's not a legal problem, yet. The reason for this is that there is no legal definition of spam that is applicable outside a small number of jurisdictions. In fact, there is no single comprehensive definition of spam other than that its most consistent attribute, which is users inability to filter it without losing legitimate mail.
Look at CAUCE, Brightmail, SpamAssassin. None of them provide a comprehensive definition of all spam, rather, they define it by some of its effects, or deal with it as a matter of heuristic scoring.
By looking at its one unique attribute, we see that it is a direct leveraging/exploitation of the openness of the SMTP protocol and the culture of the Internet SMTP was designed to serve.
That "openness" used to be the social contract of email, now it is simply a lack of enforcable policy and tools.
:There are many cases where spammers negotiated a service contract with :out anti-spamming clauses. Then when the ISP figures out they have :a bulk spammer for a custmoer they can not shut down the spammer because :the spammer gets a court order to enforce the service agreement.
Yes, but that does not give the end recipient any direct recourse, and also defines spam as a contract violation between an ISP and its client, and has no regard for the messages themselves.
:Put those two together and no technical solution will fix the problem.
Actually it will. The model that TMDA uses (whitelists and confirmed corespondant registration with the recipient) is partial example of a solution that will make all spam an explicit case of unauthorized access, which can then be a legal issue.
One of the most basic principles of computer security is: No Policy = No Crime. Until users have adequate tools and protocol support to control of what comes into their mailboxes, there will be spam.
Cheers,
-- batz