On Wed, 10 Sep 2003, Shelby Moore wrote:
> At 01:41 PM 9/9/2003 -0400, you wrote:
>
> However, I think the analysis of the concepts of information theory,
> channels, and models of spam is more fundamental to "internet
> engineering" than the original purpose of this thread and thus I see no
> reason why it would not be useful data here at IETF.
I tend to think that the more theoretical aspects of abuse-free protocols
aren't specific to spam, and are probably of more general interest.
However, discussion needs to be productive, as well as interesting.
> Before I respond to your continuance of your argument, I *respectfully*
> remind that I already refuted the whole line of criticism you are
> continuing in this post, when I rebutted your last post in this thread:
I did read your post. But it seems we have unbridgeable differences:
> but to focus your attention on detection, rather than protocol
> alteration. It is impossible to alter the protocol in any way that
> will force the spammer to identify themselves a-priori as a spammer.
Disagree strongly. First benefit is once you define spam == *BE
(instead of UBE), then it is easier to model spam and do research on
it,because you can model it at any node in the channel, not only at the
receiver end point. That was my whole point about "enforcers".
I think I've already covered this, but perhaps more clarity will be
helpful:
The theoretical definition of "spam" is simply "email that is unintended
by the the system operator, that is hidden from the system operator, and
violates the security policy of the system operator". No more precision
is necessary to use the theoretical framework I am using. We don't need
the exact intentions of the system operator, nor the security policy. We
just have to posit that these exist, and that they are violated by spam.
For example, altering the definition of spam doen't have any effect on the
impossibility of making a protocol that will automatically force the
spammer (uncooperatively) to distingish themselves from regular users
(self marking). Self-marking could only be done with the spammers
cooperation, and there is no reason to think that todays abusers will
cooperate, since most of those abusers are already unconvicted felons and
have no commercial purposes. Frequently, these abusers appear to use
viruses, which could be using the credentials of regular users. So, they
can do _everything_ those regular users can do.
Because you can't count on any quick cooperation before the recipients
mailbox, it doesn't seem to be helpful to think about modeling spam at
other nodes.
--Dean
