At 01:41 PM 9/9/2003 -0400, you wrote: >My apologies for this message. This discussion is winding down. Iljitsch >makes some interesting points, to which I have tried to respond >thoughtfully.
Dean, Yes as already stated, I do intend to close this thread and eventually provide a forwarding link to a new discussion elsewhere (perhaps at IRTF as someone suggested, if possible...) However, I think the analysis of the concepts of information theory, channels, and models of spam is more fundamental to "internet engineering" than the original purpose of this thread and thus I see no reason why it would not be useful data here at IETF. Before I respond to your continuance of your argument, I *respectfully* remind that I already refuted the whole line of criticism you are continuing in this post, when I rebutted your last post in this thread: http://www1.ietf.org/mail-archive/ietf/Current/msg22139.html In case any one missed it, I think the most relevant section there begins done the page a bit with: "Disagree strongly. First benefit is once you define spam == *BE (instead of UBE), then it is easier to model spam..." more below... >> Your analogy doesn't fly. Our email protocols have holes big enough to >> drive a truck through. Is it unreasonable when people ask the IETF >> leadership for a place to work on this? > >I don't think our email protocols have any holes at all. They can be >abused. But mere abuse is not a "hole". Semantics debate only. Better to stick to the real point below... >> > "We", meaning the IETF, care, because this is very useful aid to >> > deciding what to work on. We know that we need to focus on leak >> > stoppage, not trying to invent leak-proof protocols. There is no >> > point researching something that is impossible. >> >> Let's first define our goal before declaring it impossible to reach. > >Well, I think the goal has been stated: Create an abuse-free email >protocol. No that is not the stated goal of this thread I started. I already rebutted that whole link of criticism here: http://www1.ietf.org/mail-archive/ietf/Current/msg22139.html Look for the section that starts with: "Your point is that it is futile to define a protocol..." And here: http://www1.ietf.org/mail-archive/ietf/Current/msg22129.html Start reading down from: "I proposed an way to improve leak stoppage, by defining the signal in the channel and not only at end points. I never proposed a leak-proof protocol." >Perhaps you have a different goal in mind, but it doesn't sound like you >accept the premise that it impossible to create an abuse-free protocol. The links to the previous posts are above which state that is not our goal. You have been told that at least 2 or 3 times already. >> Iljitsch van Beijnum wrote: >> The jump from "spam" to "covert channel" isn't immediately obvious. And >> if any proof of why spam is a covert channel has been offered, I've >> managed to miss it. Iljitsch van Beijnum, I think what Dean Anderson means is that because you can't create a 100% perfect covert channel, then spammers will always find a way to abuse, no matter what you do on the protocol level. Theoretically I agree with him. However, he is ignoring the posts I made (as linked above), which show that is not what I am proposing. What I am proposing has to do with improving the model of spam so it can be more easily detected at more points in the channels and earlier and other detection advantages. To get this model, I propose that we need a new definition of legitimate bulk email, from "push" to "pull"....rather than repeat my entire logic here, please read the linked posts above in entirety. > Dean Anderson wrote: >The NCSC's definition refers to ANY communication not authorized by the >security model. Note that the term "Covert Channel" is frequently >associated with Multilevel Secure Operating Systems. The liturature uses >other terms to describe the same concept: "information leakage", "sneaky >signalling", "hidden data flows", "side channels". So you must not get too >caught up in the peculiarities of operating systems. The concept is quite >general. And COVERT has nothing to do with my proposal as I've detailed ad nauseum in the above linked posts. >CHANNEL: Spam is a type of Email. Email is a channel transfering signals >from A to B. Email is really a subchannel of the internet, which is a >subchannel of the PSTN, public and private fiber networks, etc. And moving legitimate bulk email to a "pull" channel is part of my proposal. >COVERT: Spam is hidden in so far as possible from the system operators. It >is an unintended communication in that the system operators intended that >only non-broadcast, solicited commercial communication flow. This not an >exclusive list of what is permitted, but illustrates that spam isn't >permitted. Part of my overall point made in the links of posts above is that one of the reasons it is "hidden" is because it can only currently be modeled pyschologically, because the definition is UBE (unsolicited bulk email) instead of *BE (all bulk email). Again read the linked posts above more carefully. With a different model of spam, we aren't stopping abuse, we are merely increasing detection by having a better model of the signal. >> > Dean Anderson wrote: >> > "Detecting abuse" is quite different from making a protocol that can't >> > be abused. This thread is not proposing that. See above. >> Iljitsch van Beijnum wrote: >> If you can detect abuse on input rather than on output, Correct that is the point of improving the model of the spam signal, so we can do things at earlier points in the channel, input to mailing lists, input to dialup accounts, ISPs, Hosts, etc. Right now, ISPs and Hosts can do nothing because they can not say that all bulk email is spam, therefor they can not be proactive in real-time. That is just one example of many benefits to improving the model the way I have proposed. >> Iljitsch van Beijnum wrote: >> detecting abuse >> is exactly what enables you to make an abuse-free protocol. No we can not get a 100% abuse free protocol. Information theory tells you that is impossible and I agree with Dean on that. But we can get a better model which helps us detect more abuse. >Spammers can _always_ do whatever regular users can do. Mostly yes. And that is why improving the model of the spam signal is the only real way we are going to get better at detection. Actually your theories are making my proposal stronger vs all the other ways of detecting spam. My point for the last 2 years has been that any model of spam which looks at content is going to fail over the long-term because content is what legitimate mail does also. So you have to look at modeling what is actually different about the spam signal. I will make a very profound AXIOM based on information theory: AXIOM 1: The only way to reliably detect spam over the long-term is by modeling that which is unique to spam signal and not shared with legit email signal. And that is the "bulkness" of it and/or the low response (or read) rate. Now I wrote "mostly yes" above because once you move legitimate bulk email to a "pull" channel, then as Iljitsch van Beijnum originally pointed out, you can authenticate spammers to subscribed lists differently than legit users of that list. In email channel the signatures of spam are bulk and low response rate. In a subscribed "pull" channel, the spammer's signature is again what?? Think about that deeply before you try to rebutt it. (Hint: no response rate and the fact that messages which are responded to can be automatically deleted from the pull queue before many users might pull them...and other possible algorithms) Shelby Moore http://AntiViotic.com
