In article <telecom25.81.9@telecom-digest.org>, Patrick Townson
<ptownson@telecom-digest.org> wrote:
>> companies that do significant-size *CLEAN* mailings are going to 'buy
>> into' this 'goodmail' idea for it to have any significant impact on
>> general email-processing procedures. If only 0.001% of incoming mail
>> bears the 'goodmail' stamp, then providers _will_ still have to keep
>> up the existing defenses.
>> In that scenario, 'goodmail' simply won't have any measurable effect
>> on the world at large -- there will be no incentive for other
>> providers to 'buy into' the program (since it won't produce enough
>> revenue to make any noticable difference) -- and it will eventually
>> 'wither away' and die.
>> And, if 'goodmail' screws up _anything_ significant, even *once*, the
>> 'wither away and die' will happen even quicker.
> [TELECOM Digest Editor's Note: But at least Robert, you seem to be
> agreeing with my contention (in your 'amount of email AOL tosses each
> day statistics') that the practice of email/spam filtering is basically
> a waste of time, not accomplishing a lot.
No, I don't agree with your assertation. AOL mailboxes are actually
_usable_ these days. *BECAUSE* virtually _none_ of the spam that is
sent to AOL addresses gets through to the user mailbox.
Aggressive filtering can accomplish a *LOT* as far as 'keeping an
in-box clean', and usable. To wit: I see less than one piece of spam
_per_month_, on average.
It does nothing for 'solving the problem' regarding the 'added cost'
of the requisite defensive measures -- an 'involuntary cost' that
ISPs, etc. are saddled with as a result of sociopathic behavior by
persons who are _not_ their customers.
As far as the AOL users go, spam hardly exists any more and they think
that that is "simply great".
They _don't_know_ the extent of the "warfare" that is going on with
the spammers trying to force their way through, and the 'good guys'
fighting back.
And they _don't_know_ how much they are paying for that stuff that
they never see'.
Me, I've got a filtering system that is incredibly close to perfect.
It is fine-tuned to the characteristics of _my_ incoming e-mail, and
would not necessarily give similar results for anyone else.
That said, _for_me_, I've seen less than a dozen pieces of spam in my
in-box in the last *year*. And the filtering has blocked delivery of
over 15,000 pieces of spam in that time. Of that number, _seven_
pieces were 'legitimate' mail. All from a family member, in point of
fact. Two pieces were blocked because of a filter error -- the
character string 'cialis' trips the 'pharmacy spam' block, and my
relative used the word 'specialist' in their message. The other five
messages were cases where they used their _netscape.net_ email address
as the sender, but actually the message through the mail-server of
their cable provider. My system rejects such messages -- *with* a
self-explanatory error response ; netscape mail must come from
_Netscape's_ servers. (I treat a couple of other 'frequently abused'
free-mail domains the same way.)
> And of course we know that filters can screw up also, don't we? PAT]
IF filters screw up, it is no different than if a mail-server screws
up. email is *not* a 'reliable' delivery mechanism, and *NEVER* has
been. Unfortunately, too many users these days _don't_know_, and have
*never* been told that _all_ e-mail is on a 'best effort' (at best)
basis, and they *think* it is reliable. Blame the marketing folks for
that.
_Careful_ system design ensures that the sender of legitimate mail
*knows* that there is a delivery problem with their mail, and they can
then use 'other channels' to make contact and get the message through.
_Why_ there was a delivery problem doesn't really matter, at least as
long as the system *still* passes back the 'delivery failure'
information even if the filter screwed up in classifying the message.
For my filter system, I've had to spend only about 10 minutes in
maintenance and/or trouble-shooting, in the last year. Half of that
time was running down what turned out to be the 'cialis/specialist'
collision, and tweaking the pattern-match. The rest went to adding a
few additional 'rules' to catch most of those less-than-a-dozen
messages that got through the then- existing filters. The 'netscape
sender from a Non-Netscape mailserver' messages, the _sender_ was able
to simply re-send the message with the e-mail address that matched the
system they were sending through (*WITHOUT* any intervention from my
end), and the message got through the second time around.
In that year, in addition to the 10 minutes mentioned above, I
probably 'wasted' another 3 minutes or so, on that handful of spam
messages that made it through to my in-box -- in reading enough to
decide that they _were_ spam.
A tool-rental yard (in the town I grew up in) had a big banner hanging
in their place that read: "Having the right tools is half the job."
It is even more important in the war against spam. effective
anti-spam techniques must be integrated into the 'gateway' mail-server
(where mail from the outside world _first_ touches your -- or your
service provider's -- equipment), to be truly effective.
[TELECOM Digest Editor's Note: Thank you, my spam-enabling friend, for
explaining how you and spam can peacefully co-exist on the same
planet. PAT]
Robert Bonomi (bonomi@host122.r-bonomi.com)