On Sun, 7 Sep 2003, Iljitsch van Beijnum wrote:

> On zondag, sep 7, 2003, at 21:45 Europe/Amsterdam, Dean Anderson wrote:
>
> > Information theory says that such things are impossible. One can not
> > construct a spam-free protocol because this is the same problem as
> > constructing a system free of covert channels, which information theory
> > says is impossible.
>
> Nobody cares. Making a roof 100.000000% impervious to water molecules
> may be impossible, but that doesn't mean we have to resign to getting
> wet every time it rains.

People care because when someone comes around saying "you can have a 100% impervious roof if only you jump through these inconvenient hoops", we know that they are wrong, and don't need to waste time considering how inconvenient the hoops are.

"We", meaning the IETF, care, because this is a very useful aid to deciding what to work on. We know that we need to focus on leak stoppage, not trying to invent leak-proof protocols. There is no point researching something that is impossible.

> > It is not simply hard. It is impossible, like perpetual motion.
>
> So when exactly was the earth supposed to stop moving?

God didn't make the earth move perpetually. He just made it move long enough. It seems that even God can't solve some problems.

We didn't get to the moon by inventing perpetual motion machines, though early proposals were based on such machines. We got to the moon by working on the messy physics of rockets.

When someone comes to the NSF and says you can have a perpetual motion machine if only you jump through some very inconvenient hoops, and spend a lot of money, the NSF can save itself the time and money by discarding perpetual motion schemes from its research program. Similarly, information theory allows us to discard some ideas from our research programs. That is why we care.

> > After I first posted this on IETF a while back, someone suggested that
> > covert channels require cooperation, and that spam therefore isn't a
> > covert channel.
>
> Where does this covert channel stuff come from anyway?

What do you mean?

> > But this is a simpler way to think about it: Spammers can continue to
> > claim they are legitimate emailers, because they _ARE_ legitimate, so
> > far as we know before they send email. And even so far as we know
> > _before_ someone _READS_ their email. Only after reading their email,
> > and perhaps only after some investigation, can we know for sure that
> > the sender and message is conducting abuse or in violation of their
> > AUP.
>
> This goes for each individual message, but the spammer's Achilles heel
> is that they need to send out incredible amounts of email in order to
> fulfill their objectives, whichever those are. Detecting bulk mail is
> doable, and it shouldn't be too hard to come up with something to
> differentiate legitimate bulk emailing from spam. For instance, we can
> reverse the burden of proof here and only allow known bulk emailers.

"Detecting abuse" is quite different from making a protocol that can't be abused. But that is my point: You have to focus on detection. This doesn't require any protocol changes whatsoever.

We are already "only allowing known bulk emailers". Unfortunately, that doesn't prevent spam. Indeed, it seems most of the spam isn't commercial: Most of the spam seems to come from viruses, and isn't really selling anything. The viruses can use the credentials of the infected user. That is "legitimate", until someone reading the email realizes it's not and complains. These send 40-50 messages per IP, and are hard to detect as bulk. But when added up over a lot of IP addresses, it is quite obviously annoying.

> > It is not immune to spam, though it distributes spam and other
> > broadcast messages much more efficiently than typical email systems.
>
> Ouch! :-)
>
> Fixable with authentication.

No, that's the point. It isn't _fixable_ with authentication. It isn't fixable at all. It is only "fixed" when the spammer loses his account. Then the spammer gets a new account. So it isn't really fixed. So we are always going to be playing a game of whack-a-mole. That cannot be avoided by altering the protocol or the authentication scheme (information theory proves this). So it is useful, then, to work on ways of detection, and improve our whack-a-mole skills. Altering protocols and authentication is a waste of time.

--Dean
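
Added example, not part of the original message: a sketch of the detection problem the message describes, where each infected host sends only 40-50 copies and stays under a per-IP bulk limit, while grouping by a content fingerprint across source IPs exposes the campaign. The thresholds, function names and sample records are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict

# Assumed thresholds, chosen for illustration only.
PER_IP_BULK_THRESHOLD = 500   # naive detector: messages from one source IP
CAMPAIGN_MIN_SOURCES = 20     # distinct IPs sending the same content
CAMPAIGN_MIN_MESSAGES = 500   # total copies across all sources

def fingerprint(body):
    """Hash the body after masking digits and collapsing whitespace,
    so per-recipient tokens do not split one campaign into many."""
    norm = re.sub(r"\d+", "#", body.lower())
    norm = re.sub(r"\s+", " ", norm).strip()
    return hashlib.sha256(norm.encode()).hexdigest()[:16]

def per_ip_bulk(records):
    """Source IPs whose own volume crosses the per-IP limit."""
    counts = defaultdict(int)
    for ip, _body in records:
        counts[ip] += 1
    return {ip for ip, n in counts.items() if n >= PER_IP_BULK_THRESHOLD}

def distributed_campaigns(records):
    """Map fingerprint -> (distinct sources, total copies) for content
    that is low-volume per IP but bulk when summed over many IPs."""
    sources, totals = defaultdict(set), defaultdict(int)
    for ip, body in records:
        fp = fingerprint(body)
        sources[fp].add(ip)
        totals[fp] += 1
    return {fp: (len(sources[fp]), totals[fp]) for fp in totals
            if len(sources[fp]) >= CAMPAIGN_MIN_SOURCES
            and totals[fp] >= CAMPAIGN_MIN_MESSAGES}

def sample_records():
    """Constructed sample: 30 hosts x 45 copies of one message,
    plus 60 ordinary messages from a single unrelated host."""
    recs = []
    for host in range(30):
        ip = f"192.0.2.{host + 1}"
        for n in range(45):
            recs.append((ip, f"Your document {host * 100 + n} is attached,\n please review"))
    for n in range(60):
        recs.append(("198.51.100.7", f"Standup notes, item {n}, owner user{n}"))
    return recs

if __name__ == "__main__":
    recs = sample_records()
    print("flagged per IP:", per_ip_bulk(recs))
    print("flagged campaigns:", distributed_campaigns(recs))
```

The fingerprint only catches copies that differ in digits and whitespace; a sender that varies the wording would need a fuzzier similarity measure.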