It would never work: <soapbox>
1) ISP's make money on the bandwidth they sell to spammers. 2) major spammers have already moved overseas. 3) international law is moot and wouldn't work anyway - reference #1 above. 4) key/auth of anytime will never be effective. people, even email admins, struggle with "My server requires authentication" on email clients. 5) some people actually want this stuff.. so you now have yet another class of mess to deal with exchanging keys, etc, all over. fwiw, I believe that if every major ISP would have and use there own blacklist servers, that were equally load balanced such as the root dns servers, then we might have a 'marginal' chance at stopping spam. Give non compliant countries .. say 2 years to play fair or shut them off from all US access (it's that simple). further, if the us government would impose stiff financial fines, to ISP's who take a lackadaisical approach to spam, than that too would help educate them. The bottom line is, IMHO, is to make it NOT monetarily beneficial to ISP's to turn an eye... and then you might have a chance. ~Rick </soapbox> > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Cybertime Hostmaster > Sent: Tuesday, December 09, 2003 8:22 PM > To: [EMAIL PROTECTED] > Subject: [IMGate] Governmental Folly > > > > Our government in the grand young USA, try as they might, seems to be > doing something foolish again. > > > > Any anti-spam legislation they produce will have one fundamental flaw, it > will be for the USA, and not the world. > > > > The flaw in the law is simple. If I hire a marketing firm, and they take > illegal actions, I am not responsible, they are. > > > > Lets take Joe Junkmailer, a product seller who is fond of spam tactics, > and wants to avoid the new laws. > > > > Joe hires a non-USA based company to send out his loads of junk. He gets > reported for spamming, and taken to court. In his pre-trial process, he > produces a contract between him and this non-USA based third party in > which they assure him they are following the laws of the USA. He then > produces proof that he has changed his marketing company due to this abuse > as an effort to support the laws. Case closed. > > > > What I think would be a better solution is governmental support for > "credentials." > > > > The A/PTR part of credentials is east to understand and explain. > (D.C.B.A..in-addr.arpa. PTR host.name. must resolve to host.name A > A.B.C.D) > > > > But I remember hearing there is more to it than that. I know Len has > talked about SPF/DSP, but I never quite figured out what technology he was > talking about. Sorry Len, but whenever you had that acronym explained, I > missed it, and can't seem to see it in my archive. > > > > What I am working on is a letter, typed and no more than two pages, which > would be written in a way that explains the flaw in the legal recourse, > the advantage in credentials systems, and how governmental enforcement of > credentials on their own servers, backed with encouraging major ISPs to do > the same, could be far more effective than any law. (And would be very > cost effective to boot!) > > > > If the major ISPs followed suit, then it is very likely this would be a > more world wide answer than the proposed USA law. > > > > If forgeries were automatically rejected by everyone, then we would only > have known sources to deal with, and that is a lot easier. > > > > Does anyone here have links to layman's explanations of the tech involved? > I want to make sure I state things properly before sending off any such > letter. > > > > --Eric > > > ___________________________________________________________________ > Virus Scanned and Filtered by http://www.FamHost.com E-Mail System. > > ___________________________________________________________________ Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.
