On 5/21/02 7:14 AM, "Jeffrey Goldberg" <jeffrey @
> blocking, however, is effective if merely enough people do it.
But then you get into the issues of consent. Who gets to decide what should
be blocked? This is where it gets to be complicated, because one of the
realities is that while most of us want to block spam, in all honesty, porn
is a big profit center, not just for the porn sites, but for the ISPs who
sell accounts to access it, run usenet sites so customers have access to the
binary groups, etc, etc. Even if sites want to block stuff, not all of their
customers want it blocked.
Block more services at a higher level? Above.net and MAPs tried that. It
created a lot of unhappiness with above.net customers and for the ISPs that
used them, and in all honesty, MAPs spent years trying to get sued to prove
they had the right to do this, and the first two times someone took them to
court - they ended up backing down and settling. You look at those court
cases, and you see that for all the posturing of the RBL sites -- they don't
seem to have the law behind them, and when push comes to shove, they have
two choices, turtle or lose and set a precedent they can't afford to allow
to be set.
So site blocking has serious roadblocks on a number of levels -- legal,
logistic, technical and acceptance. IMHO, that makes it difficult to
impossible to implement well-enough to get to "enough".
Which sends us back to filtering, because it can be implemented on an
individual level, or at some higher level if there's an appropriate person
with authority (corporations can make a corporate decision, but ISPs are
> But I still maintain that measures (like filtering) which don't directly
> or indirectly increase the costs to spammers for spamming will make the
> problem worse, not better. I think that this is what we've seen over the
> past few years.
But filtering does work. Look at the UDP (Usenet Death Penalty). They've
been able to generate a system with a big enough stick to get ISPs to
notice. It's also opt-outable at the site level, it seems to have found a
way (amazing for usenet) to get folks to buy into it, and they've generally
avoided the political problems that the RBLs fall into -- in large part,
IMHO, because the UDP discussions are made in large part by consensus and
primarily in public, so there's a high level of accountability on the
managers of the UDP. Most of which is not true of any RBL site,
UDP also focusses on identifying and fixing the worst problems, not
thrashing around at any and every site in the universe.
There's a model here that can be adopted to SMTP. Until it is, I don't think
you'll ever see the blocking side of enforcement be more than a minor player
in this. And I'm not convinced there's a group willing to create an RBL
that's also open and accountable for their actions because the folks who
tend to set these things up also tend to feel they should be setting policy,
not sharing that authority with the users they're asking to accept it.
Chuq Von Rospach, Architech
com -- http://www.chuqui.com/
Yes, I am an agent of Satan, but my duties
are largely ceremonial.
From: Jeffrey Goldberg <jeffrey @