[Asrg] A paper/project worth considering (found it!)
Alessandro Vesely
vesely at tana.it
Mon Dec 15 03:31:02 PST 2008
Chris Lewis wrote:
> Rich Kulawiec wrote:
>> What I'm arguing (and I've argued this elsewhere) is that it's not
>> the role of end users to set anti-spam policy (in whole or in part)
>> any more than it's their role to set firewall policy. It's not their
>> job, and they're terrible at it.
>
> I don't think many would argue against that.
I would, for one.
There is a number of documents about user rights, in categories
ranging from general human rights, through electronic treatment of
data, to email specifically. Many of them establish very reasonable
concepts, some of which are newer than the SMTP model. How are users
supposed to exercise their rights? When we target anti-spam issues,
I'd say users may exercise their rights by setting the options in the
anti-spam policy that are provided for that purpose.
Here's an example: I had a group of users who kept their email
addresses almost secret, but occasionally my server rejected some
legit messages sent to them via a blacklisted provider (before I could
whitelist it.) Thus, they wanted to skip DNSBL checks, and I made it
optional. What's wrong with that?
In general, the reliance of a reputation system is not an objective
datum. I'd invite ESPs to let users choose which authorities they wish
to trust. It is part of the anti-spam policy, which is different from
the firewall policy: _their_ mail, _my_ server.
More information about the Asrg
mailing list