Anti-Spam Research Group

Ian Eiloart | 1 Mar 2010 12:52

Picon

Re: Summary of junk button discussion

--On 27 February 2010 14:08:37 +0100 Jose-Marcio Martins da Cruz 
<Jose-Marcio.Martins <at> mines-paristech.fr> wrote:

> Alessandro Vesely wrote:
>> On 27/Feb/10 07:22, Chris Lewis wrote:
>
>>
>>> I'm aiming for a specification that permits a single <user action> to
>>> communicate upstream for _both_ filtering and reporting purposes,
>>> where whether it's used for filtering or reporting or both in any
>>> given instance is up to the site admin and/or end-user.
>>
>> +1, and I would welcome an efficient IMAP implementation in that sense.
>> However, the spec should also allow to just send complaints.
>
> +1. "upstream communication is the idea". It's up to the (email
> address|device|...) to interpret how to interpret it and what to do with.

This is very sensible, but when you say "single <user action>", are you 
voicing support for the notion that only a single bit of data will be 
transmitted? Or will the vocabulary be richer than that? How about an 
extensible vocabulary?

For example, User Agents also have spam filters. It might be useful for 
such a filter to be able to make reports back to the administrator. Also, 
the user or the user's filter might want to say "this is not junk". Thus we 
have at least four messages that we might want to communicate to the admin. 
And, that's before we allow the user to express views on the type of junk 
that's present (boring versus offensive or potentially criminal).

(Continue reading)

John Levine | 1 Mar 2010 20:25

Re: Summary of junk button discussion

>This is very sensible, but when you say "single <user action>", are you 
>voicing support for the notion that only a single bit of data will be 
>transmitted? Or will the vocabulary be richer than that? How about an 
>extensible vocabulary?

If it sends an ARF report, you can put whatever you want in the ARF,
although I wouldn't want to attempt to standardize a lot of stuff that
nobody uses.  We already made that mistake with ARF, and one of the tasks
of the MARF WG is to strip out the useless crud.

>For example, User Agents also have spam filters. It might be useful for 
>such a filter to be able to make reports back to the administrator. Also, 
>the user or the user's filter might want to say "this is not junk". Thus we 
>have at least four messages that we might want to communicate to the admin. 
>And, that's before we allow the user to express views on the type of junk 
>that's present (boring versus offensive or potentially criminal).

After years of experience with webmail junk buttons, the only messages
they've found useful are "junk" on regular messages and "not junk" on
stuff in the junk folder.  I don't see why MUA users would be any
different.  If you want to encode stuff in the ARF report to say whether
the opinion is from a human or from software, you can, although it is
again not clear how useful that would be.

R's,
John

Alessandro Vesely | 2 Mar 2010 09:52

Picon

Re: Summary of junk button discussion

On 01/Mar/10 20:25, John Levine wrote:
>> This is very sensible, but when you say "single<user action>", are you voicing support for the notion
that only a single bit of data will be transmitted? Or will the vocabulary be richer than that? How about an
extensible vocabulary?
>
> If it sends an ARF report, you can put whatever you want in the ARF, although I wouldn't want to attempt to
standardize a lot of stuff that nobody uses.

But what is the relationship between the report and the button? 
Apparently, "single<user action>" excludes automated reports.

> If you want to encode stuff in the ARF report to say whether the opinion is from a human or from software, you
can, although it is again not clear how useful that would be.

That field may be useful in sorting out a report's consumers in a 
generalized FBL. Some mailbox providers notify via FBL when users hit 
that button, but not when messages are automatically blocked.

Also, humans make errors in a different way than software, hence any 
correction mechanism should be differently tailored.

Ian Eiloart | 2 Mar 2010 11:49

Picon

Re: Summary of junk button discussion

--On 1 March 2010 19:25:08 +0000 John Levine <johnl <at> taugh.com> wrote:

>
> After years of experience with webmail junk buttons, the only messages
> they've found useful are "junk" on regular messages and "not junk" on
> stuff in the junk folder.  I don't see why MUA users would be any
> different.  If you want to encode stuff in the ARF report to say whether
> the opinion is from a human or from software, you can, although it is
> again not clear how useful that would be.

To me, as an administrator, I'd give more weight to a human opinion. In 
part, that's because the human is less likely to actually see a message 
that the client filter had spotted. It's the hard to spot email that I want 
to inspect.

I still want to know why Twitter's experience - which distinguishes between 
"block" and "report" isn't useful in this context. They seem like clear 
distinctions to me, and they're verbs, not adjectives, so they make 
explicit the resultant action. For privacy reasons, I think it's important 
that people are aware that a report is being made.

Now I think of it, "junk" is a verb, too, so its use in a button could 
easily be misinterpreted as equivalent to "trash" - less strong than either 
"block" or "report".

--

-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148

(Continue reading)

Rich Kulawiec | 2 Mar 2010 14:18

Summary/outline of why the junk button idea is pre-failed

I'm going to try to summarize and enumerate some of the arguments against
the general idea of a report-as-spam button.  My position is that several
of these points (individually) make the case that it's a truly bad idea
and should be abandoned immediately and permanently, and that collectively,
they're an overwhelming rationale.  Others differ, of course.

This is a *summary* and not an attempt to provide every nuance
of every argument, so nitpicking is discouraged.  You may rest
assured that I read the traffic on this list and have been paying
close attention to the spam problem for the past several decades. 

1. User incompetence

	Users have spent the last quarter-century conclusively proving
	that they cannot reliably discern spam from non-spam.  They stack
	the pile of evidence higher every day, by misclassifying spam
	as non-spam and vice versa, by replying to spam, by trying to
	unsubscribe from spam, by falling for phishes, by handing over
	valuable information to spammers, etc.	How many "unsubscribe"
	requests do we see sent to entire mailing lists, even by
	supposedly-mail-literate technical personnel?  How many people
	on public mailing lists cannot distinguish between on-list and
	off-list replies?  It's not reasonable to expect that anyone who
	has failed to master these rudimentary email tasks will be able
	to distinguish spam from non-spam, especially when some spam is
	more competently composed and delivered than some non-spam.

	This is, I'm sorry to say,  not a solvable problem.  And it will
	steadily get worse as more (less-experienced) people get online,
	and as spammers get craftier: evolutionary pressure on spammers

(Continue reading)

Daniel Feenberg | 2 Mar 2010 14:40

Re: Summary/outline of why the junk button idea is pre-failed


On Tue, 2 Mar 2010, Rich Kulawiec wrote:

> I'm going to try to summarize and enumerate some of the arguments against
> the general idea of a report-as-spam button.  My position is that several
> of these points (individually) make the case that it's a truly bad idea
> and should be abandoned immediately and permanently, and that collectively,
> they're an overwhelming rationale.  Others differ, of course.
>
> This is a *summary* and not an attempt to provide every nuance
> of every argument, so nitpicking is discouraged.  You may rest
> assured that I read the traffic on this list and have been paying
> close attention to the spam problem for the past several decades. 

This message ignores the existence of TIS buttons on existing MUAs for 
webmail operators, and the actual experience that those operators have.

>
> 1. User incompetence
>
> 	Users have spent the last quarter-century conclusively proving
> 	that they cannot reliably discern spam from non-spam.  They stack
> 	the pile of evidence higher every day, by misclassifying spam
> 	as non-spam and vice versa, by replying to spam, by trying to
> 	unsubscribe from spam, by falling for phishes, by handing over
> 	valuable information to spammers, etc.	How many "unsubscribe"
> 	requests do we see sent to entire mailing lists, even by
> 	supposedly-mail-literate technical personnel?  How many people
> 	on public mailing lists cannot distinguish between on-list and
> 	off-list replies?  It's not reasonable to expect that anyone who

(Continue reading)

Jose-Marcio Martins da Cruz | 2 Mar 2010 14:52

Picon

Re: Summary/outline of why the junk button idea is pre-failed

I'm top posting to give a short answer. Sorry.

I do research on anti-spam filters. Some ideas I investigate are related to
having user feedback, reliable or not. For my requirements, John is right :
I just need two kind of feedbacks : this is ham/wanted or this is spam/unwanted.
This is ok for me.

I may agree with some of your arguments. But OK, you're not interested in
having user feedback. Other people are. So, let they get it. If you think
this is useless, just don't use it. It's an option : MAY, not MUST.

Regards,

JM

Rich Kulawiec wrote:
> I'm going to try to summarize and enumerate some of the arguments against
> the general idea of a report-as-spam button.  My position is that several
> of these points (individually) make the case that it's a truly bad idea
> and should be abandoned immediately and permanently, and that collectively,
> they're an overwhelming rationale.  Others differ, of course.
> 
> This is a *summary* and not an attempt to provide every nuance
> of every argument, so nitpicking is discouraged.  You may rest
> assured that I read the traffic on this list and have been paying
> close attention to the spam problem for the past several decades. 
> 
> 1. User incompetence
>

(Continue reading)

Alessandro Vesely | 2 Mar 2010 15:46

Picon

Re: Summary/outline of why the junk button idea is pre-failed

On 02/Mar/10 14:40, Daniel Feenberg wrote:
> On Tue, 2 Mar 2010, Rich Kulawiec wrote:
>
>> This is a *summary* and not an attempt to provide every nuance of every argument, so nitpicking is
discouraged.  You may rest assured that I read the traffic on this list and have been paying close attention
to the spam problem for the past several decades. 
>
> This message ignores the existence of TIS buttons on existing MUAs for webmail operators, and the actual
experience that those operators have.

In addition, it apparently assumes that users send reports directly to 
spammers.

>> 5. Duplicates existing functionality
>>
>>     All competently-run sites support the RFC 2142-stipulated
>>     "abuse" role address and have appropriately experienced,
>>     trained, qualified and diligent staff reading every message
>>     sent there.  It's trivially easy for any user to forward
>>     questionable mail traffic (with full headers of course) to
>>     the abuse address of their own mail provider, who can then
>>     decide what to do about it.  These personnel are far better
>>     situated to decipher headers, correlate against logs,
>>     assess threat severity, etc.  They're also much less likely --
>>     presuming that they're competent -- to hand over useful
>>     information to the enemy.  See next point as well.
>>
>
> I have never gotten a usefull spam complaint from a user, but it isn't because the messages weren't spam. It
was always because the user didn't include the headers. All users find it difficult to include headers

(Continue reading)

Rich Kulawiec | 2 Mar 2010 15:55

Re: Summary/outline of why the junk button idea is pre-failed

On Tue, Mar 02, 2010 at 02:52:30PM +0100, Jose-Marcio Martins da Cruz wrote:
> I may agree with some of your arguments. But OK, you're not interested in
> having user feedback. Other people are. So, let they get it. If you think
> this is useless, just don't use it. It's an option : MAY, not MUST.

You're missing most, if not all, of the point.  I suggest you re-read
my message with this idea in mind:

The primary beneficiaries of a standardized, widely-deployed mechanism
for a report-as-spam-button are spammers/abusers: they will own it
the moment they choose and will do whatever they want with it -- which is
unlikely to be good for us *whether we're using such a mechanism or not*.

Were the consequences of this confined solely to those operations who
might use such a mechanism, this *might* be tolerable: I could argue
that they fully deserve the pain they're inflicting on themselves, and
that perhaps Pavlovian conditioning would eventually kick in and get
them to stop.  Maybe.  But that's unfortunately not the case: site A's
decision to use this makes them a conscriptable-at-will attacker of
site B for all values of {A, B}.

I *strongly* recommend your attention to the discussion several years
ago on spam-l of the consequences of Verizon's choice to use outbound
SAV, wherein we all (well, maybe not "all", but those who were paying
attention) got a painful object lesson in how spammers will quickly
notice, study and employ ill-considered methodologies to their advantage.
There are some instructive points about that experience that directly
apply here -- and which should give considerable pause to anyone familar
with them.

(Continue reading)

Alessandro Vesely | 2 Mar 2010 16:44

Picon

Re: Summary/outline of why the junk button idea is pre-failed

On 02/Mar/10 15:55, Rich Kulawiec wrote:
> The primary beneficiaries of a standardized, widely-deployed mechanism
> for a report-as-spam-button are spammers/abusers: they will own it
> the moment they choose and will do whatever they want with it -- which is
> unlikely to be good for us *whether we're using such a mechanism or not*.

Would that assertion still hold, in your opinion, if 
"report-as-spam-button" is replaced by "abuse-reporting-address"?

> I *strongly* recommend your attention to the discussion several years
> ago on spam-l of the consequences of Verizon's choice to use outbound
> SAV, wherein we all (well, maybe not "all", but those who were paying
> attention) got a painful object lesson in how spammers will quickly
> notice, study and employ ill-considered methodologies to their advantage.
> There are some instructive points about that experience that directly
> apply here -- and which should give considerable pause to anyone familar
> with them.

What is the similarity between SAV or similar "callback" mechanisms 
and reporting something as spam?

Group

gmane.ietf.asrg.

Project Web Page

Anti-Spam Research Group

Search Archive

Page

1 | 2 | 3 | 4 | 5

Articles in period: 43

March 2010

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane

Recent entries

Spam sent from compromised (web)hosts vs botnet spam (26 Apr 2013)
Speaking of spamhaus... (27 Mar 2013)
Research-y (26 Mar 2013)
Spam sent from compromised (web)hosts vs botnet spam (20 Mar 2013)
asrg - research or die (20 Mar 2013)
ASRG mailing list archives? (19 Mar 2013)
DMARC (18 Mar 2013)
Most amusing broken anti-spam technique of the week (18 Mar 2013)
Closing the Anti Spam Research Group (ASRG) (18 Mar 2013)
Administrivia: nomail is no mail (17 Mar 2013)
Isn't spam a ISP issue? (17 Mar 2013)
e-postage stamps, was Welcome to the new(ish) ASRG list (17 Mar 2013)
Thinking outside the box (17 Mar 2013)
Hi (17 Mar 2013)
Welcome to the new(ish) ASRG list (16 Mar 2013)
Welcome to the asrg mailing list! (16 Mar 2013)
ASRG shut down and list move (16 Mar 2013)
Development of an object assessment format/protocol (4 Mar 2013)
The end of the ASRG (4 Mar 2013)
CFP: VB2013, Berlin, Germany (25 Feb 2013)
Some statistics on SPF and spam (12 Feb 2013)

Archives

5	April 2013
342	March 2013
5	February 2013
8	January 2013
142	December 2012
41	October 2012
8	September 2012
17	August 2012
9	June 2012
17	May 2012
1	April 2012
2	February 2012
35	January 2012
6	December 2011
46	November 2011
54	October 2011
39	September 2011
12	August 2011
3	July 2011
5	June 2011
13	May 2011
11	April 2011
117	March 2011
67	February 2011
137	January 2011
57	December 2010
29	November 2010
27	October 2010
72	September 2010
1	August 2010
8	July 2010
1	June 2010
2	May 2010
7	April 2010
43	March 2010
323	February 2010
36	January 2010
124	December 2009
19	October 2009
4	September 2009
42	August 2009
104	July 2009
289	June 2009
65	May 2009
7	April 2009
4	March 2009
79	February 2009
295	January 2009
138	December 2008
546	November 2008
26	October 2008
13	September 2008
53	August 2008
49	July 2008
19	June 2008
1	May 2008
224	April 2008
82	March 2008
23	January 2008
1	December 2007
1	October 2007
33	September 2007
2	August 2007
17	July 2007
1	June 2007
1	May 2007
7	April 2007
55	March 2007
93	February 2007
163	January 2007
16	December 2006
9	November 2006
39	September 2006
14	July 2006
86	June 2006
12	May 2006
98	April 2006
96	March 2006
97	February 2006
144	January 2006
75	December 2005
27	November 2005
8	October 2005
15	September 2005
34	August 2005
42	July 2005
93	June 2005
66	May 2005
79	April 2005
79	March 2005
40	February 2005
160	January 2005
394	December 2004
67	November 2004
33	October 2004
129	September 2004
159	August 2004
376	July 2004
159	June 2004
365	May 2004
287	April 2004
248	March 2004
295	February 2004
178	January 2004
538	December 2003
500	November 2003
377	October 2003
356	September 2003
415	August 2003
690	July 2003
882	June 2003
1051	May 2003
1368	April 2003
1550	March 2003

Design

Zawodny | Right Menu | Left Menu

Your Own Design

Paste the URL of your CSS below. Download CSS template