Re: [chairs] SPAM

[Duane Nickull <dnickull@adobe.com>]

Eduardo;

You do make some good points.  I can however track with 100% accuracy 
that spam is directly related to OASIS activity but a pragmatic view is 
good.

The reality is that the SPAM is hard to stop at the server or client 
alone.  Spammers have many tools to get through firewalls, filters etc. 
 Heuristic filters work until a spammer gets one, test with it and finds 
a way around.

I believe that SPAM should be fought in every conceivable way, but not 
at the expense of the openness of OASIS.  I would gladly sacrifice the 
transparency for the spam, as we are all doing today.

Perhaps a committee made up of a few chairs or other interested parties 
could study and make some recommendations.  The criteria could be the 
consensus that the openness must be preserved, that a human can find an 
real email address easily and spammers can be stopped with minimal effort.

I would gladly volunteer to sit on such a group.  Karl - do you have any 
suggestions?

Duane

Eduardo Gutentag wrote:

> All,
>
> I have to confess that I have watched with mounting alarm the turn 
> this discussion has
> taken.
>
> I would like to make a couple of observations, at the risk of sounding 
> heretical and
> ready to be tossed on the fire.
>
> My first cause for alarm has been the casual easiness with which the 
> openness of the
> archives has been put aside. I believe that hiding the sender of 
> archived messages in
> a manner that makes it almost impossible for most human beings to 
> respond to or contact the
> sender easily does a disservice to the spirit of openness of OASIS 
> itself. Openess has risks.
> If we can't live with this we should neither belong to nor work in the 
> OASIS environment.
> Spamming is one of the risks. Being responded to by someone one has 
> never met is another.
> Or is that in fact an advantage rather than a risk? Sometimes it's a 
> pain. Sometimes it's a real
> pleasure. Are we going to deny this to ourselves just because some 
> receive more spam than they know
> how to deal with?
>
> Another cause for concern has been the fact that *no one* has argued 
> that OASIS is
> the wrong point at which to fight the spam that individuals receive. 
> First of all, there
> is no evidence that the spam received by Duane (who started this 
> thread) can or should be
> blamed on OASIS archives. It's anecdotal. It's unprovable. In my 
> particular anecdotal case
> I don't believe I've experienced an increase in spam due to activities 
> in OASIS. 70% of the
> spam directed at me goes to eduardo@eng.sun.com, which is an address I 
> have neither used
> nor signed with for years and years. It nevertheless exists somewhere 
> in the Internet; I
> don't know where and I don't care. I just filter it out and inspect 
> every so often. Because
> that's one of the points at which one should fight spam: at the client 
> level. Get yourself
> an intelligent, spam aware client or filtering mechanism and smile. 
> Don't mess with the
> OASIS archives just because your IT department tells you you have to 
> use a bad client. Don't
> mess with the OASIS archives just because your IT department does not 
> know how to filter spam.
> The right points at which to fight spam are the client, the server, 
> the law and the email
> standards, not the OASIS archives.
>
> Just like the only proven way of securing a computer from internet based
> attacks is by unplugging it from the net, the only proven way of 
> protecting oneself from spam
> is by not sending email: every time you send email to someone whose 
> computer could be
> the victim of a virus, you run the risk of having your address 
> forwarded to a spammer. Are
> you going to stop sending email because of that? Or are you instead 
> going to try to get the
> right protection at the right level?
>
>

-- 
Senior Standards Strategist
Adobe Systems, Inc.
http://www.adobe.com