1a) must be simple so that many million server administrators can understand it. 1b) must scale to millions of legitimate mail servers. 1c) must not break common functionality for users.
Good list. To repeat the cliche, spam is a social problem. Technical solutions can only follow social decisions. Otherwise, we get technology dictating social policy. As bad as that is as a general rule, it is particularly bad for anything involve large-scale human communications, since the unintended consequences are certain to be massive and massively bad. Spam (and virus attacks) seem particularly strong requirements for a layered defense, some proactive and some reactive. Some involving authors and some involving operators. Being able to white- or black-list an operator legitimately is particularly powerful. They represent an aggregation of users and traffic. So the leverage is enormous. Perhaps because the payoff is so high, the dangers of mis-assignment are also huge. So such listing needs to be done conservatively, which leaves lots of traffic unassigned. Being able to white-list authors is equally spiffy. In general, formulating a positive trusted core of communicants well might permit high quality service for relatively low costs, such as little or no content analysis, with its attendance statistical failings (false positives). And so on... d/ --- Dave Crocker Brandenburg InternetWorking +1.408.246.8253 dcrocker a t ... WE'VE MOVED to: www.bbiw.net