Unwanted and irrelevant mass mailings, commonly known as spam are becoming a serious nuisance that if left unchecked may soon be regarded as a Denial of Service Attack against the email infrastructure of the Internet itself. The term spam is derived from a Monty python sketch set in a cafeteria in which the principal protagonists have difficulty making them heard about a group of Vikings singing. "SPAM" in honor of the meat product manufactured by Hormel.
IDEAL SPAM CONTROL SYSTEM PROPERTIES
" An ideal spam control would have the following properties
" Eliminate all unwanted mails
" Eliminate no wanted mails
" Require no user input on the part of either the sender or the receiver.
" Be compatible with all uses of mail.
" Be compatible with all email infrastructure configurations.
" Be scalable, that is remain effective if 90% of internet users adopt it.
" Resist attempts to evade it.
" Create no new problems.
No perfect spam control solution has been found so far. Filtering approaches are compatible with a broad range of email uses and infrastructure but no filter perfectly identifies even a fraction of unwanted emails without eliminating at least some wanted emails. Further more the more widely a filter is used the greater the incentive becomes for the spam senders to test against it to ensure that their spam gets through.
TOWARDS SOLUTIONS
There are many types of spam and it is likely therefore that any realistic program to eliminate spam will have to address the problem in multiple ways. In particular we should not reject a mechanism out of hand simply because it fails to deal with a particular type of spam sender .For example it is highly unlikely that spam senders engaged in organized crime will respect Opt-Out lists or Legislative approaches. We should not however, we conclude from the fact that a mechanism fails in certain circumstances that it fails completely in all circumstances.
The only mechanisms that rule out of hand are those based on vigilante actions that attempt to gain compliance by coercion.
BEST PRACTICES
The traditional response of the internet to problem uses administrators of deployed protocols is to specify some form of 'Best Practices'. Spam is an attack on the Internet community. The short survey and prosecutions by the FTC and others show that the spam senders are in many cases outright criminals, how then can best practices help? One area in which best practices can provide concrete benefit is in ensuring that the vast majority of Internet users who are acting in good faith do not inadvertently make the problem worse by poorly chosen or poorly coordinated mitigation strategies. Many of the problems being caused by irresponsible blacklists could be addressed through common agreement on best practices for blacklists setting out criteria for issues such as notice to the listed parties, appeals processes and the acceptability of 'collateral damage'. Best practices can also provide backing for legislative approaches. An appropriate statement by an authoritative body can help a court to decide that a particular form of behavior is unacceptable, even if such statements do not have the endorsement of a legislative body they can quickly acquire the force of law when the worst malefactors are being dealt with.
IDEAL SPAM CONTROL SYSTEM PROPERTIES
" An ideal spam control would have the following properties
" Eliminate all unwanted mails
" Eliminate no wanted mails
" Require no user input on the part of either the sender or the receiver.
" Be compatible with all uses of mail.
" Be compatible with all email infrastructure configurations.
" Be scalable, that is remain effective if 90% of internet users adopt it.
" Resist attempts to evade it.
" Create no new problems.
No perfect spam control solution has been found so far. Filtering approaches are compatible with a broad range of email uses and infrastructure but no filter perfectly identifies even a fraction of unwanted emails without eliminating at least some wanted emails. Further more the more widely a filter is used the greater the incentive becomes for the spam senders to test against it to ensure that their spam gets through.
TOWARDS SOLUTIONS
There are many types of spam and it is likely therefore that any realistic program to eliminate spam will have to address the problem in multiple ways. In particular we should not reject a mechanism out of hand simply because it fails to deal with a particular type of spam sender .For example it is highly unlikely that spam senders engaged in organized crime will respect Opt-Out lists or Legislative approaches. We should not however, we conclude from the fact that a mechanism fails in certain circumstances that it fails completely in all circumstances.
The only mechanisms that rule out of hand are those based on vigilante actions that attempt to gain compliance by coercion.
BEST PRACTICES
The traditional response of the internet to problem uses administrators of deployed protocols is to specify some form of 'Best Practices'. Spam is an attack on the Internet community. The short survey and prosecutions by the FTC and others show that the spam senders are in many cases outright criminals, how then can best practices help? One area in which best practices can provide concrete benefit is in ensuring that the vast majority of Internet users who are acting in good faith do not inadvertently make the problem worse by poorly chosen or poorly coordinated mitigation strategies. Many of the problems being caused by irresponsible blacklists could be addressed through common agreement on best practices for blacklists setting out criteria for issues such as notice to the listed parties, appeals processes and the acceptability of 'collateral damage'. Best practices can also provide backing for legislative approaches. An appropriate statement by an authoritative body can help a court to decide that a particular form of behavior is unacceptable, even if such statements do not have the endorsement of a legislative body they can quickly acquire the force of law when the worst malefactors are being dealt with.
0 comments:
Post a Comment