Interesting People mailing list archives
Email issues
From: Dave Farber <dave () farber net>
Date: Thu, 19 Feb 2004 06:11:42 -0500
Delivered-To: dfarber+ () ux13 sp cs cmu edu Date: Thu, 19 Feb 2004 10:41:58 +0100 From: "Peter B. Ladkin" <ladkin () rvs uni-bielefeld de> Subject: Email issues Folks, I shall send this note to Risks, but it contains a reference to the current print edition of The Economist, which will only be available for a few more days, so I am taking the liberty of distributing this comment more personally. Lawrence Kestenbaum substantiates in his Risks 23-19 note the considerable problem generated by inappropriate e-mail server responses to virus/worm/spam e-mail, which I noted with regard to Sobig (Some observations on email phenomenology, Risks 22-88). However, his last paragraph misplaces blame. The spammers and worm/virus writers are no more responsible for the amounts of junk generated by misconfigured e-mail servers than I am responsible for the damage caused by an automobile whose driver does not observe my bicycle until the last second and manoeuvres suddenly. I agree with Kestenbaum that the e-mail system is more or less broken. The Economist has addressed the issue in its edition of February 14, 2004 (Business Section. The article is available on its WWW site for a fee to non-subscribers). In an article entitled "Make 'em pay" (supertitled "The fight against spam", subtitled "The dismal science takes on spam"), the journal suggests that techies have had a go at the problem, then politicians, and now economists are "taking over". Risks readers may recall that Bill Gates said in an interview at the recent World Economic Forum at Davos that certain measures Microsoft favors will get rid of spam in two years. One of those proposals was a per-mail fee, like postage. The article says that "Sceptics noted that Microsoft could also help by fixing security flaws in its products - the latest confessed to this week - that can be exploited by spammers". The article discusses various schemes, namely those by Goodmail Systems, IronPort Systems, and Balachander Krishnamurthy at AT&T Labs. I hope that the techies and politicians are not yet finished. The payment proposals distinguish between two classes of user: bulk mailers and others. (The post office does also: bulk mail there is cheaper than ordinary mail.) Bulk mailers should, somehow, pay. But not all bulk mailers are spammers. I suggest that a much more fundamental distinction lies between fraudulent e-mail (e.g., that with intentionally false header information) and non-fraudulent e-mail. In my opinion, this issue must be addressed come what may. Fraud in electronic communication covers much broader issues, even for business, than spam and its responses: for example, one needs reliable processes for establishing, validating and enforcing contracts electronically. E-mail authentication would be a great help. Since the e-mail server market is dominated by very few pieces of SW, one imagines a coordinated effort to alter e-mail protocols to introduce some degree of authentication, say along the lines of Tripoli, lies at least as well within reach as schemes to introduce payment for e-mail. We may presume that producers of such SW are well aware of such proposals, and we may conclude that they are not favored because they do not fit someone's business model. I find some confirmation for this conclusion in that schemes to introduce individual payment for free e-mail service are being touted at the very time when just the reverse is happening with telephony: schemes for internet telephony are apparently arousing interest in major telecommunications companies over the traditional individual payment model. I imagine that if one is a commercial SW producer it is also easier to make money by responding incrementally to internet users' issue du jour rather than by introducing a procedure that would handle a large class of such problems all at once. One argument in favor of the business model could be that the economy which has sprung up to deal with spam and internet security issues is now large enough to lobby successfully against any proposal that would reduce its potential clientele at a stroke. If this is so, then incremental modification would seem to be the only socially viable possibility. What a depressing thought. PBL Peter B. Ladkin PhD FBCS CW(hon) Professor of Computer Networks and Distributed Systems, Faculty of Technology, University of Bielefeld, 33594 Bielefeld, Germany Tel (Vx/msg/Fax) +49 (0)521 880 7319 http://www.rvs.uni-bielefeld.de ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Email issues Dave Farber (Feb 19)