Mowe Z. Slowley wrote:
> coyote wrote:
>> Paul E. Schoen wrote:
>>> "coyote"
wrote in message
>>> news:d_adnXl7AqZgQa7bnZ2dnUVZ_t2tnZ2d@giganews.com...>>>> Paul E. Schoen wrote:
>>>>
>>>>> I proposed a penny per email (or post) "tax", which would have cost
>>>>> the perp in this case only $60. Sometimes you have to give up a
>>>>> portion of your freedom when someone else abuses that freedom for
>>>>> cowardly and immature actions such as this.
>>>> It wont work. People have been proposing this solution for years, and
>>>> it wouldnt have worked when it was first suggested and it most
>>>> certainly will not work now.
>>>>
>>>> Back in 2004 John Levine wrote this document explaining why not:
>>>>
http://www.taugh.com/epostage.pdf
>>>>
>>>> If you need to look him up:
http://www.johnlevine.com/
>>>>
>>>> All the issues he raises are still valid, and the advent of large
>>>> zombie networks since then make your idea even less useful. The
>>>> ultimate result of taxing email would be that the criminals get a
>>>> free ride and people like my mom and dad pay for it.
>>>>
>>> I can understand some of the arguments and issues about epostage, but
>>> it still seems incredible that so many imposters and high volume
>>> spammers can continue to operate without being detected or penalized
>>> in any effective way.
>> When talking about email spam, the bulk of the really criminal
>> operations are accomplished through the use of botnets. These are
>> organized and paid for by the likes of the Russian Mob. There really
>> aren't that many criminal spammers out there; the numbers are pretty
>> much agreed upon to be in the low hundreds. They're very well funded,
>> very smart, and very organized.
>>
>> This is why an email tax will not work. The real spammers (as opposed to
>> merely stupid bulkmailers) send their mail through compromised personal
>> computers, a few at time to avoid setting off alarms - they can do that,
>> because their botnets are huge - and thus the cost would (and does
>> already, though indirectly) devolve onto the end user.
>>
>>> It seems incredulous that the recipients of email pay the cost.
>> Incredible, and wrong, but thats what happens when one takes a protocol
>> that was not designed for the use it is being put to, and keep tacking
>> shit onto it in a futile effort to fix it. Now its too big to go back
>> and start over, and do it right.
>>
>> It is an almost purely reactive war, this fight against spam, it has to
>> be, and that means the good guys are always scrambling to keep up. They
>> are hampered by laws, ethics, underfunding/staffing and fear of false
>> postives. The criminals are quite free of any of these problems.
>> And the end user pays the price.
>>
>> Legitimate bulkmailers spend a great deal of time and money trying to
>> comply with ISP policies. This is made very difficult by the lack of a
>> cohesive policy, the end result being that each ISP does things its own
>> way and the senders have to accommodate.
>>
>> The cost of transporting all the unwanted mail comes straight out of the
>> ISP's pockets, which means that it comes out of their customer's pockets.
>>
>>> Actually, email is probably easier to control, with simple means as I
>>> have seen requiring the sender of each email to register with the
>>> recipient's spam blocker service.
>> You'd be surprised how hard that really is to accomplish. It doesnt
>> scale well.
>>
>>> Newsgroup spam and flooding are perhaps more serious issues, and are
>>> fundamentally different even though the mechanics of posting a message
>>> are similar. AIUI, NG posts are received and stored by a limited
>>> number of servers, and propagated on the internet until all have been
>>> received. It should be a simple process for these servers to ask for
>>> validation from the original sender.
>> What sort of validation? Most NNTP servers require authentication as it
>> is. Do you mean an image captcha? Such a thing would never fly.
>>
>> Then there is the problem that Usenet is worldwide, and getting all NSPs
>> to follow the same policy is faced with the same issue I was mentioning
>> above, with the ISPs & email.
>>
>>> Such a process might involve a few more steps for me to post a
>>> message, but it would be worth it to clean up this mess.
>> I understand your frustration, believe me, at least in regard to email
>> spam.
>>
>>> Also, I don't see why it is so hard to impose a fair "tax" on the
>>> sender. Users with a paid-for ISP account, such as I have, could
>>> easily be monitored by the ISP for number of emails and posts sent,
>>> and/or volume in terms of megabytes per month of data.
>> Yeah. And most already do get monitored. If Joe Blow user one day
>> suddenly spikes the numbers of his outbound mail, many ISPs now shoot
>> first and ask questions later, on the (usually correct) assumption that
>> his machine is compromised. Many ISPs have mechanisms in place to either
>> suspend, ratelimit, or otherwise challenge someone sending that much
>> mail who doesnt really have a reason to.
>>
>> Consider this scenario, though. You are User A, who has a broadband
>> connection and leaves his computer on most if not all of the time, like
>> many people do. User A unwittingly becomes compromised, his machine
>> zombified and now part of a botnet. Every few days, the botnet tells his
>> machine to send out 10-15 spams, usually right through his ISP's
>> outbound primaries, which gives User B a much greater chance of having
>> his mail delivered. His machine sends them, his ISP does *not* catch it
>> because the volume is so low, and User A has a small increase on his
>> monthly bill that he may not even notice.
>>
>> User B(otnet Guy) has millions of computers like the one belonging to
>> User A. By rotating through them, he keeps a valuable resource - an
>> undetected zombie - and pays no cost to send his 100s of millions of
>> emails a week. Who pays? User A.
>>
>>
>>> I think incoming mail is already monitored,
>> In most major ISPs, it is closely monitored, yes.
>>
>>> and I could be charged extra if it exceeds some limit. Fortunately my
>>> Postini spam/virus filter catches most of the crap and makes it easier
>>> to trash it.
>>>
>>> Unfortunately, most of the spam and abusive behavior probably
>>> originates from free accounts, or from high level operators who run at
>>> a level similar to ISPs. I think the providers of free accounts should
>>> be held more accountable for the actions of their patrons, and I don't
>>> see any problem with limiting "free" accounts to a reasonable volume
>>> of traffic. Free accounts are generally driven by advertising anyway,
>>> so limiting them IMHO is a "good thing".
>> I dont know about other big freemail providers, but I do know AOL
>> ratelimits their users' outbound mail, for example. Hotmail does as
>> well. Id be surprised if the other big guys do not do this, but the
>> problem is not usually the big ISPs. Its the little ones, and the ones
>> run in countries that just dont give a fuck (Italy being a great
>> example. The various Italian freemail services are blocked by most of
>> the big ISPs, because of the egregious abuse of them and a total lack of
>> responsiveness from their admins), ISPs that just dont have the money or
>> staff to regulate their mail, bulkmailers with "free" sending platforms
>> that only require a valid credit card, etc.
>>
>>
>>> It seems that abusive behavior has taken a sharp upturn recently, and
>>> it may have the potential to effectively cripple free communication on
>>> usenet.
>> Nah. Its always been like this, at least on Usenet...you just apparently
>> havent been in the path of it before. It has its cycles, like anything
>> else, and the tide will eventually recede, only to return again in the
>> future. Do you remember all the fun with HipCrime, about 10 years ago?
>> The same was being said then. Nothing new under the sun.
>>
>> I will grant you that the problem is being exacerbated by the situation
>> I described above (lots of perma-connected, compromised pcs on a
>> broadband connection) but that really seems to be affecting email spam
>> more than anything. Usenet really stopped being a paying proposition for
>> spammers a while back. Not enough people read it to make it worth their
>> while.
>>
>> Now, if you are talking about the trolls, well....thats not spam (at
>> least not the way I define it), and there really is nothing you can do
>> about trolls except ride it out. Annoying people is not a crime, much as
>> many would like it to be.
>>
>>
>>> Individual users can take steps to reduce their influx of spam, by
>>> changing their email addresses and using spam/virus filters. Usenet
>>> seems to be a "sitting duck", and recent ploys have been effective in
>>> limiting the usefulness of killfiles and other means. I don't claim to
>>> have the answers, but I am willing to pay a premium in money or
>>> inconvenience to eliminate this problem.
>>
>> "this problem" - which, specifically? You are talking both about spam,
>> and about trolls, and the two have really no relationship.
>>
>> Spam, you can do stuff about. Trolls, not so much. As long as there is
>> anonymity on Usenet, trolls will be around. If they really bother you,
>> get a better newsreader with more flexibility in its killfiles than
>> Outlook Express. It's abilities are very limited. Forte' Agent is a good
>> one, and there is a free version.
>>
>>
>>> And, if the perps can be detected and tracked down, there should be
>>> effective punishments and sanctions that will keep them from repeating
>>> their destructive behavior
>> What destructive behavior? Being irritating in ASCII is...well, pretty
>> harmless, and a better newsreader can make them vanish from your reality
>> if you so desire. Usenet has *always* been like this, and a thick skin,
>> a sense of humour, and excellent killfiles are necessary if you want to
>> survive out here with your sanity intact.
>>
>> Usenet Performance Art (
http://en.wikipedia.org/wiki/Meow_Wars) has been
>> around for a long time, has many flavours, and it is not going anywhere.
>>
>>> and be a deterant to others who would like to engage in such childish
>>> pranks that are, or should be, criminal.
>> You are saying something that has been said many times before, and being
>> "childish" remains a non-criminal act.
>>
>> Most normal NSPs do not care what you do on Usenet as long as you are
>> not engaging in genuinely criminal behavior (child porn, etc) and dont
>> nym-shift to get around people's killfiles.
>>
>> Others are less discriminating and allow pretty much anything except,
>> again, actual crime.
>>
>> So it goes.
>>
>
>
> coyote, you are so good.
> I enjoy learning from you.
>
Thanks, Mowez. Im glad *someone* noticed this post, I put a lot of time
into it :)
If you have questions, Ill be glad to attempt to answer them, to the
best of my ability without tripping over my NDA. There is much in the
way of generalities I can discuss, though!
--
~coyote
