On Mon, Nov 06, 2000 at 08:37:31PM -0800, Bill Stewart wrote:
At 12:22 PM 11/5/00 -0600, Jim Choate wrote:
On Sun, 5 Nov 2000, Declan McCullagh wrote:
Well, let's take this up one level of abstraction. We can stop spam from flooding our inboxes (an economic bad) by: 1. law "Congress shall make no law ...". 3. cypherpunkly end-user technology I obviously support anything an individual wishes to do with respect to making choices, provided they don't involve me without consent. This aspect should be pushed strongly.
I agree with Jim that anti-spam laws are bad in principle; in practice they're usually worse :-) Some kinds of cypherpunks technology don't involve the law; some do. For instance, user-supplied filters can trigger libel laws ("Hey, your filter called me a SPAMMER! I'll SUE!").
From: and Reply-to: to some unfortunate victim. In the latter two cases,
Maybe I'm too limited in my thinking, but I don't see this actually happening with usr-level filtering. Mostly for the simple reason that it doesn't make sense to send anything back to the spammer. They're usually spamming from a bogus address or a throw-away or pointing the recipient's email account soon overflows with complaints. So there's not much use in replying to spam. All the recpient can do is filter it into a seperate file or throw it out entirely. The spammer will not know what action users have taken, so they can't complain. This is different from the MAPS case, where the sites that use MAPS (and RBL etc) refuse to accept mail identified by MAPS as coming from spam sites or open relays. This way, the spammer finds out that their spam is rejected, and there's a big organization (MAPS or larger sites using it) to go after. If it's a "cypherpunks technology" spam filter, then there's no commercial program for spammers to test their spam on and no company to sue. In any case, I beleive that end-user spam filters should allow individual users to customize the filters or replace them entirely. I've written a simple user-level filter that attempts to recognize spam by the emails content instead of the headers. It's still a crude experiment at this point, but it seems to be working ok for me. http://www.lne.com/ericm/spammaster/ -- Eric Murray Consulting Security Architect SecureDesign LLC http://www.securedesignllc.com PGP keyid:E03F65E5