I was away for a week and it was interesting to read this whole debate at a sitting. You have my permission to reproduce what follows anywhere you like, as long as you do it in entirety or at least in context. --------- MEMO ON THE SPAM ISSUE Let me state at the outset that I dislike spam as much as anyone here, and specifically in a List-Managers context, I hate its being sent to my lists -- or to individuals whose addresses have been harvested from my lists. While I agree that an excuse-laden "spammer speak" exists, I notice that what you could call "spambuster speak" is also being perfected by well-meaning folks who have, in effect, declared jihad over the issue, and gird for battle each day, ready to browbeat anyone stupid enough to get into an argument with them on this subject instead of doing something useful like spamming fraudulent stock offers or sorting the sock drawer. For example: "The Internet" is not really threatened by spam, a/k/a unsolicited commercial email (UCE), not in five years or five decades. "The Internet" is just IP traffic using a set of application protocols, of which SMTP (email) uses a small bandwidth fraction, even with spam included. Infrastructure is being built at a breakneck pace to accomodate Web and post-Web traffic whose volume dwarfs that of older protocols, no matter what it's used for. Email gets a free ride, now and for the indefinite future. If it were turned off completely -- and who can say for sure that it won't be -- the Internet would keep on mushrooming. What _is_ threatened by "spam" is the old-fashioned, unspoiled privilege of having a real-world email address that's publicly known and discoverable throughout the Net by any nice person who needs it, and yet when you open your In-box in the morning there's nothing there except friendly personal and business messages from people you actually want to correspond with. As the ALL IN THE FAMILY theme went, "Those were the days." (Of course those really _weren't_ the days, because most people didn't have email yet as they do now - it was basically an interesting and promising toy, unless you were lucky enough to work in one of the little academic-industrial circles where the Net was born. I don't begrudge those folks their good fortune, but we should realize the limitations of the model they worked under.) When I go to my US Postal Service mailbox in the morning, probably 60% of what's there is unsolicited, and another 20% is sheer boilerplate (oh great, another J.Jill catalog, why did we ever order that turtleneck?). Even the stuff I "expect" seems to be mostly waste paper (Reaching Out To You: A Colorful Monthly Newletter From Your Electric Company -- GAAACK!); actual personal or business mail from people I know would be lucky to break the two-percent mark, except at Christmas - and even those are often xeroxed "family newsletters" lately. But I don't declare war over it -- why not? Because (1) postal commerce is REGULATED. I know I won't get HOT STEAMY PORN NOW brochures, because an expensive army of postal cops sees to it; and (2) I'm not PAYING to receive mail by the piece or the pound. More junk mail from Pennysaver and Hold Everything just means I don't have to buy starter logs for the fireplace. By comparison, Internet commerce is unregulated; and while I don't like listening to sleazeball operators defend "free speach[sic]" any more than the next person, I worry about what babies we would end up throwing out with their bathwater. As any of us list managers who have received silly "No relaying, die spammer" Sendmail error messages from some overzealous net.paranoid's site (in response to a perfectly good Digest or membership probe) can attest, one person's Useful Content can all too easily look like another person's UCE Spam when the suspicion level rises high enough. Here's a question: if the Net were so tightly regulated that spammers were automatically busted by an expensive army of content cops, could YOU get anything useful done without wallowing in red tape and cautious triple-checks of every word you said? More to the point, should the small fraction who answer that question today with a light-hearted "yes, no problem!" - because for them the Net basically still IS a toy - automatically have the right to call the shots? I'm just asking. If the answer's yes, then email ultimately remains a toy -- and the market will find another protocol. If the answer's no, then we need some solutions. The argument that users shouldn't have to pay extra to download unsolicited junk email is more persuasive, but why should it apply just to commercial messages? I shouldn't have to pay to download 15K re-quoted Digests that bounced off some yokel's misconfigured mailer. I shouldn't have to pay to download urban-legend FCC petitions or "I know this is off topic but you just have to laugh at this one!" mailroom humor that's chain-forwarded from clueless semi-strangers who happen to have my address. I shouldn't have to pay for any email I didn't specifically expect, request, or pre-authorize. But who IS going to pay for it - Oprah Winfrey? A slush fund at MAE-EAST? Until and unless we adopt some kind of sender-pays model that supports preauthorized COD for subscribing users, we are always going to have this problem. And I'm not sure that kind of model will ever happen. More likely, Web-induced bandwidth explosion is going to finesse the issue by making it so cheap to get ANY amount of mail, solicited or otherwise, that the postal-mailbox analogy once again applies: you may grumble at the junk, but it's not impoverishing you. In the meantime, we are in a chaotic interregnum with a few recognizable features, and a few things we can do. One, users do have some options to protect themselves against spam, like publishing a Bigfoot or Pobox address and letting those services do the filtering. Unfortunately, (a) configuring this properly with a garden variety ISP like Netcom or AOL or MSN is just tricky enough to be out of the reach of most users; (b) the well-meaning cabal of net demigods who call the email shots today didn't invent that approach, don't use it themselves, and generally hold it in dim regard; and (c) it is actually subject to occasional abuse by hit-and-run spammers, which means that your own legitimate stuff may stop being delivered. There are also spam protections in recent versions of Sendmail, but this is an arms race and users seldom have any choices over how it's being waged in their name. Two, there is a code of conduct for ISP's, partly self propelled but also partly "enforced" by a volunteer strike force of net.cops who watch for abuse. Vanity domain forwarders (like our friend at NetNames) should remember that virtual hosting is still hosting: if someone uses your machines to forward spam mail OR spam responses, you are abetting spam and you should stop it lest you put your legitimate customers at risk. Arguing about it here will do no good whatsoever; the domain will be added to the watch lists and undoing it will take months. Having said this, I must admit (and the soldiers of the jihad should realize) that it's MUCH harder to catch a receive-side drop box than a send-side spam forwarder. You end up playing fireman to every user's complaint -- usually after the fact and after the damage has been done. Hardened spammers hit once and move on. What can we do? (1) Create more resources for users, like help on installing spam protection and info on where to report abuse. Teach rather than browbeat. (2) Create more resources for list managers and net admins to share, like registries of legitimate list publishing points so that our distribution can survive as the barriers keep rising, and libraries of configuration tricks and explanatory message texts for use in handling spam/noise issues. Beat your swords into FAQ files. (3) Pressure companies to incorporate flexible spam protection in their own products - and to prevent unnecessary junk email on their own services. (One example is warranty registrations and free-trial surveys that bury a sneaky "Please send me junk mail" checkbox down at the bottom, turned ON by default, and sometimes even RE-enabled after you turned it off, when you have to correct an entry before submitting!) (4) Read more, learn more, think more, reinvent the wheel less, re-argue the flat earth less, and just generally behave like good people when we can. Life's too short. As I say, pass this on at will. Happy Groundhog Day. -- Tom Neff [EMAIL PROTECTED]
