<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

[anti-spam-wg@localhost] Spam, money, politics...


At RIPE-41, I posed two questions, one concerning the technical issue of whether the standard engineering 80-20 rule would be useful for closing spam paths. This issue has been dealt with indirectly over the past couple of WG meetings (which, unfortunately, I have not been able to attend).

The second question was if - for the sake of argument - an amount of money was made available to the anti-spam working group for the purposes of combatting spam, how would the WG use it most effectively? The purpose of this question was to examine whether it would be useful to change the direction of the anti-spam wg from a information sharing group with a close eye on the industry, to a more proactive direction, potentially making public noise or one form or another, or sponsoring research, or getting more involved in legislation, or whatever.

So I ask the question again: if money were available somehow or another, could the WG use it effectively, and if so, how?

At the time the question was asked initially, the pressing issue was open relays in Korea. These days, things are different - open SMTP relays are much more under control, only to have been supplanted by many other things: "pink" contracts, virally-propagated trojan relays and so forth. But the underlying problem has got worse - much, much worse.

Not least among my concerns is the fact that we still have an 80-20 problem, or at least a 90-10 one: 90% of the spam we receive is believed to originate from a small number of individuals in the US, and most of these people are based in a small number of states. And as the main perpetrators and "crime locations" have been identified by organisations like Spamhaus, it would make sense to me to concentrate efforts (if it is felt that this is a useful thing to do) on dealing with a relatively small but potent target.

Now that opt-out spam has effectively been banned europe-wide, the US Congress looks likely at the moment to legalise opt-out at some stage in the future, which is a disasterous idea. This would just legitimise the problem, rather than controlling it in any way.

Would there be any support for creating some form of political lobby system to pressurise the US Congress and / or the Florida / other US state legislature? Would it be possible (or wise!) to involve the EU in some shape or form, as they have would significantly more clout than the RIPE anti-spam WG (whose impact in the US will be delta away from zero, let's face it).

I realise that this is a pretty substantial step aware from dealing with spam at a technical level, but I suspect that it's an approach which might well do some long-term good if it were taken. I'm not suggesting that legislating against opt-out spam is going to cure the problem, or that the RIPE anti-spam WG is the appropriate platform to launch this sort of effort, but it will create serious legal problems for existing spammers and much higher barriers to entry to potential new spammers.

Thoughts on this? Or how would you spend money to combat spam, if you had some?

Nick




<<< Chronological >>> Author    Subject <<< Threads >>>