On Thu, 21 Jul 2005, Hallam-Baker, Phillip wrote: > > The problem is at least made worse by the fact that the first thing that > happens when a focussed proposal is made people start saying 'That is no > good, the [bad guys] will just do X'. Often, it has actually been the case that the bad guys just did X, which was obviously possible beforehand. We went to great expense for nothing. Why didn't anyone think about what the bad guys could do? [we tend to characterize such obviously failing schemes as hair-brained, (or perhaps "hare-brained" for the rabbit-watchers), but this is probably unfair in some respects. An honest and direct answer is appropriate.] You can't fight spam on the assumption that abusers can't change. But nearly every anti-spam proposal does just that. That is, if it has any rationale about how it will affect spam or anyone at all. Anyone who suggests that the abuser can simply do X is generally not well received. For example The email authentication scheme promoters don't even consider reactions or ill-effects. They just take it as given that spam will be prevented if we have authentication. But even perfect authentication would have no effect on spam. [skip the details, assume users are perfectly authenticated, then ask "so what?"] A very expensive authentication system doesn't even require much change to what spammers do now. Yet the "best technical minds of the IETF" don't agree with this. Or rather, just ignore the "so what?" part. That isn't engineering, that's just amateurish experimentation at our expense, and perhaps their profit. Of course, if you take that analysis of channel usage to its logical end, one will find that you can't prevent spam. Or more specifically, can't secure a communication channel against topically inappropriate messages. --Dean -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf