Request for opinions on whether to creating a working group or publish the following
idea as an internet draft?
Spam is big problem that is getting worse. BrightMail.com (which claims to process
10% of world's email) claims that the percentage of spam out of all email has grown
from 16% in Jan. 2002 to 50% in Aug. 2003.
A fundamental unsolved problem of doing any thing about spam, is there is currently no
unambiguous definition of spam as an enforceable internet standard. This has been
architectually impossible to define because the receiver is the subjective determinant
of which bulk email is solicited and which is spam (UBE).
ISPs, Hosts, legislators, judiciaries, and even anti-spam software, have a fundamental
problem in that definition of spam as UBE is currently architectually unenforceble due
the fact that subjective determination of "unsolicited" current happens after the
email has been delivered to the receiver.
My idea is to create an internet draft, RFC, and hopefully internet standard, that
would define a simple architectual paradigm for legitimate bulk email that
unambiguously separates it from spam (UBE).
Simply define that legitimate bulk distribution of email should be done by mechanism
of each bulk distributor providing a public POP3 (and IMAP) account or server, rather
than sending the email directly.
In the case of a public distribution (e.g. most direct email and mailing lists), a
POP3 (and IMAP) account of user "anonymous" with password "none" would suffice. In
the case of private dissemination (private mailing lists), a POP3 (and IMAP) server
with individual accounts could be provided.
The elegance of this paradigm is that users then control the opt-in/opt-out database,
by configuring their email client to POP email from only the bulk POP accounts they
wish to subscribe to.
The effort to support this paradigm is minimal because it uses existing email
paradigm. Legitimate bulk senders have to change from a broadcast ("push") metaphor
(e.g. Majordomo) to a "pull" metaphor simply by depositing their outgoing email in the
public POP account they create. Receivers simply follow instructions to POP bulk
email they want, instead of the equally complex task of subscribing to bulk email.
This accomplishes several goals:
1. Any bulk email is then spam (receiver has not opted in) and can be dealt with by
ISPs, Hosts, legislators, judiciaries, and anti-spam software.
2. Receivers now have uniform control over opt-in/opt-out policy without a global
authority
3. Legitimate bulk senders can be insured that they or their email won't be
misclassified as spam
4. Those who send UBE can no longer claim they are legitimate or that receiver has
opted-in (ambiguity removed) and can be dealt with by ISPs, Hosts, legislators,
judiciaries, and anti-spam software.
5. With a "pull" paradigm, the load (resource usage) on the public internet, sender,
and receiver is reduced, because I venture that a majority of bulk email sent would
not be pulled.
I think this paradigm would empower Hosts, ISPs, legislatures, and judiciaries to do
more about spam (incoming) and spammers (outgoing), because their hands would not
longer be bound by ambiquity. I realize that some vested interests, such as direct
emailers or those invested in push based mailing lists, might resist. However, I
think the benefits outweigh the limited costs to migrate. Some direct emailers might
resist because some may prefer being able to cloak spam under the guise of
"solicited". Legitimate bulk emailers stand to gain a lot by separating themselves
from the noise of UBE.
Shelby Moore
http://AntiViotic.com
