[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: FC: Spam controls considered harmful?

==================BEGIN FORWARDED MESSAGE==================

>From: Declan McCullagh <declan@well.com>
>To: fight-censorship-announce@vorlon.mit.edu
>Subject: FC: Spam controls considered harmful?
>Message-Id: <v03007805b07bb78c2c88@[204.254.21.201]>
>Date: Tue, 28 Oct 1997 11:18:52 -0500

[It's tempting to take any action necessary to combat something as noxious
as spam. But perhaps it's time to consider the problems of some of the
approaches. For instance, the legislative proposals in the U.S. Congress
would restrict or ban anonymous communications online. Below Daniel
Karrenberg raises concerns about the problems of some of the technical
proposals. --Declan]

---------------

Subject: Spam Control Considered Harmful
From: Daniel Karrenberg <Daniel.Karrenberg@ripe.net>
Date: Tue, 28 Oct 1997 12:14:18 +0100

I am worried about the tools we are developing and deploying to control
spam.

Some of them are esentially centralsied methods of controlling Internet
content.  Paul's anti-spam feed for instance prevents users of some
providers from seeing spam.  The user has no choice; they cannot opt to
receive spam other than by switching to another provider.  Even worse:
they may not even be aware that they are "missing" some content.

Combatting spam is considered a Good Thing(TM) by almost everybody here,
including myself.  However the same technology could just as easily be
used to do Bad Things(TM).  Even worse: if it works it demonstrates that
*centralised control* of the content of Internet services like e-mail is
*feasible*.  This will give some people ideas we may not like, and
sometime in the future we may ask ourselves why we have done this.  The
end does not always justify the means.  I hope that methods like the
anti-spam feed will not be taken up widely.  Please consider the
consequences before you use them.

I stress that I do not question the morality or good intentions of those
involved.  I am just concerned about the almost ubiquitous and
apparently unreflected zeal that spam seems to evoke and the danger of
it making us accept methods we would otherwise despise.  I would prefer
to see more work in technology that is less centralised and gives the
users a choice of the content they wish to see.  Yes this may be harder
to do, but the consequences of deploying the easier methods may be just
too severe.

Waehret den Anfaengen (beware of the beginnings)

Daniel

PS: I hope this is more coherent than my contribution at the meeting
yesterday when my brain failed due to jet-lag while my mouth was still
working perfectly ;-).

-------------

From: jvanick@megsinet.net (Jason Vanick)
Subject: Re: Spam Control Considered Harmful
Date: Tue, 28 Oct 1997 06:59:22 -0600 (CST)

> I am worried about the tools we are developing and deploying to control
> spam.
>
> Some of them are esentially centralsied methods of controlling Internet
> content.  Paul's anti-spam feed for instance prevents users of some
> providers from seeing spam.  The user has no choice; they cannot opt to
> receive spam other than by switching to another provider.  Even worse:
> they may not even be aware that they are "missing" some content.

Here at MegsInet, we have a procmail script called "despam"
available from ftp.servtech.com://pub/users/phoenix/despam

We put a web front-end on it so our users can turn it on and off at will.

If you have a seperate mailservers and have extra cpu cycles to burn it is
pretty much the way to go... it's totally configurable either by user or
for the entire system (only affecting users that turned it on, of course)
and has regular-expression matching to throw messages away... Plus, since
it uses procmail, it can throw messages into a file for later persual if
you so wish...

We find that this works much better than blocking them at the routers, at
the expense of more cpu power being needed on our mailservers... but then
again, it's an added feature that our customers have come to enjoy.
Plus, since it's user activated we don't have to worry about the legal issues
of us filtering content.

-- Jason
Jason Vanick ------------------------------------------ jvanick@megsinet.net
Network Operations Manager                                   V: 312-245-9015
MegsInet, Inc.        225 West Ohio St. Suite #400         Chicago, Il 60610

----------

Date: Tue, 28 Oct 1997 09:41:14 -0500 (EST)
From: David Mercer <dmercer@world.std.com>

Yes, right now the techniques Paul has used are for blocking his notion of
Spam, a certifiable Bad Thing(tm).  What is to prevent, say, China from
requiring all ISP operators to take an "Anti-Party" Black-Hole Feed,
blocking IP blocks where "dangerous" ideas are found on some hosting
operators Web Servers?  There is already at least one ISP in the US that
filters out 'un-Christian' material, using quite primitive techniques...
I'm sure they and their fellow Brothers would welcome a black hole feed
for their and related networks to block such "evil" content as
birth control material and other Bad Things(tm).

This is one, I think, that once you open the door, there is no going back.
No offense to Paul, or his good intentions, but as they say, they are what
the road to hell is paved with, no?

Just think twice, at least, I'd say, before promoting unconditional system
wide blocks on your network...Ethics is the land we're in here, and there
are no easy answers.

David Mercer
Tucson, AZ

------------

Date: Tue, 28 Oct 1997 09:57:35 -0500
From: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>

On Tue, Oct 28, 1997 at 08:05:47AM -0500, Chris MacFarlane wrote:
> The Moral Majority and The Promise Keepers and other fundamentalist groups
> sit on white horses waiting to ride in and save us from ourselves.  What is
> being said below needs to be considered.  Firstly, Paul mentioned the need
> to have strong checks and balances.  What does that mean and how do we keep
> him honest and ensure "we are using our powers for good"?  It's well and
> fine to say that "the Nanog Group" is watching but in reality is there any
> bite in that statement.  Do we have an audit and appeal system to ensure
> rules are applied equally and fairly?

Yes.

The choice of whether to _deploy_ the centrally generated filtering
information is decentralized.  If your provider filters out stuff you
don't want filtered out, "turn the damn channel".

This is almost identical to the NoCeM situation, wherein you can decide
from whom to take your cancel messages.  It's very much analogous to
using a movie reviewer to decide what movies to see.  You don't _have_
to listen when he says a movie sucks, and there's more than one
reviewer.

> Next once the bulk mail protocol is in an RFC I would expect the RBL to be
> disbanded certainly.  What worries me is that some other moral content issue
> is sitting on the fire and we are fanning the flame by providing method to
> the madness.  As easily this started out on spam, spam and spam we could see
> a rise in some other groups interest in deciding "content issues" for
> others.   Some thought needs to go into how to limit some of this vary type
> of methodology.

I personally think it will be self limiting, for precisely the reason I
noted above -- on top of which, the horse- (and man-)power necessary to
do this on a post per post or site per site basis is an order of
magnitude (or two, or three) higher than what's being done now.

> One idea would be to set up a "working group" to develop subscribed to
> operations guidelines and principals for ISPs.  The group could have a
> charter and systems for addressing issues like this now and in future.  They
> could have built in review mechanisms and audit systems.  Police ourselves
> or be policed!  The frontier work Paul and company have done is great but
> needs to be formalized.

Why?

Why add bureaucracy to fix something that hasn't broken yet?

Cheers,
-- jra
--
Jay R. Ashworth                                                jra@baylink.com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Pedantry.  It's not just a job, it's an
Tampa Bay, Florida          adventure."  -- someone on AFU      +1 813 790 7592

--------------------------------------------------------------------------
This list is public. To join fight-censorship-announce, send
"subscribe fight-censorship-announce" to majordomo@vorlon.mit.edu.
More information is at http://www.eff.org/~declan/fc/

===================END FORWARDED MESSAGE===================