>> > Information theory says that such things are impossible. One can not >> > construct a spam-free protocol because this is the same problem as >> > constructing a system free of covert channels, which information theory >> > says is impossible. But information theory also says you can optimize signal-to-noise ratio, but only if you know what the characteristics of your signal are. Thus my whole motivation for an unambiguous definition (spam == all bulk email) along the channel and not just a definition at the end points (UBE). >> Nobody cares. Making a roof 100.000000% impervious to water molecules >> may be impossible, but that doesn't mean we have to resign to getting >> wet every time it rains. > >People care because when someone comes around saying "you can have a 100% >impervious roof if only you jump through these inconvenient hoops", Who said 100%????? Is the problem already reduced to an acceptable S/N ratio for the majority? Is the current S/N ratio a problem for the majority? > we >know that they are wrong, How can you know "they are wrong", even you did not even realize that no one was proposing a 100% solution in this thread?? >"We", meaning the IETF, care, because this is very useful aid to deciding >what to work on. You decline work without even understanding what is being written about a new idea? No one ever proposed 100% solution. I challenge you to find one post where I wrote that. > We know that we need to focus on leak stoppage, not >trying to invent leak-proof protocols. I proposed an way to improve leak stoppage, by defining the signal in the channel and not only at end points. I never proposed a leak-proof protocol. Underlying in what you are saying is you don't support new protocols, because you have a vested interest in existing methods of detection. >We didn't get to the moon by inventing perpetual motion machines, And many people said it was impossible for us to get to the moon. > though >early proposals were based on such machines. We got to the moon by >working on the messy physics of rockets. What about the messy information theory of defining the spam signal for the channel and not just the end points, so that it can be studied and research in the channel and not only in the receiver's mind???? Have you not realized yet that profound point I am making??? >> > After I first posted this on IETF a while back, someone suggested that >> > covert channels require cooperation, and that spam therefore isn't a >> > covert channel. >> >> Where does this covert channel stuff come from anyway? > >What do you mean? The use of covert here probably meant that making anything 100% covert is impossible in information theory. >> > But this is a simpler way to think about it: Spammers can continue to >> > claim they are legitimate emailers, because they _ARE_ legitimate, so >> > far as we know before they send email. And even so far as we know >> > _before_ someone _READS_ their email. Only after reading their email, >> > and perhaps only after some investigation, can we know for sure that >> > the sender and message is conducting abuse or in violation of their >> > AUP. You exactly stated the problem. We have not defined spam (the signal we need to sample) in terms of the channel. If you define it as ALL BULK EMAIL, then you can actually start some messy science of getting to the moon on spam issue... >> This goes for each individual message, but the spammer's achilles heel >> is that they need to send out incredible amounts of email in order to >> fulfill their objectives, whichever those are. Detecting bulk mail is >> doable, and it shouldn't be too hard to come up with something to >> differentiate legitimate bulk emailing from spam. For instance, we can >> reverse the burden of proof here and only allow know bulk emailers. > >"Detecting abuse" is quite different from making a protocol that can't be >abused. But that is my point: You have to focus on detection. This >doesn't require any protocol changes whatsover. You can not measure a signal if you have not defined it. That is a fundamental concept of information theory. Spam is ambigous in the channel, unless you define spam == all bulk email. How many dozens of times have I written that in this thread! >We are already "only allowing known bulk emailers". Unfortunately, that >doesn't prevent spam. SOBO (statement of blatantly obvious) that you can't filter something if you can't define it. That information theory 101. > Indeed, it seems most of the spam isn't commercial: >Most of the spam seems to come from viruses, and isn't really selling >anything. The viruses can use the credentials of the infected user. >That is "legitimate", until someone reading the email realizes its not and >complains. These send 40-50 messages per IP, and is hard to detect as >bulk. Viruses are a different signal and can be filtered as such, unless they contain no viral data. >No, that's the point. It isn't _fixable_ with authentication. It isn't >fixable at all. It is only "fixed" when the spammer loses his account. >Then the spammer gets a new account. So it isn't really fixed. So we are >always going to be playing a game of whack-a-mole. That cannot be avoided >by altering the protocol or the authentication scheme (information theory >proves this). So it is useful, then, to work on ways of detection, Agreed. And you can not detect well if you can not define what you are detecting. >improve our whack-a-mole skills. Altering protocols and authentication is >a waste of time. Er... unless they improve our ability to detect. Shelby Moore http://AntiViotic.com