[Bp_spam] Working towards the first draft report

Alejandro Pisanty apisanty at gmail.com
Fri Jun 12 03:03:01 EDT 2015 

Hi,

before we narrow that scope, or adding elements to choose from, let me
mention a few points I think are worth considering (and will try to edit
into the document):

1. We should be collecting from Direct Marketers what their rules of thumb
are for metrics like the number of bounces any advertising email generates,
and whether they check RBLs etc. to measure how badly (or not) they are
being filtered.

2. The one driver of spam that is more unbeatable than sellers' and
cheaters' greed is the unpreparedness of most recipients. We will speak
about education etc. but it's mostly common sense that is missing.

3. APWG has an ongoing campaign called Stop, Think, Connect. Much of it
would apply to spam as well as it does for phishing. The Group is reaching
agreements with many organizations and governments; some will pan out. We
should have them close to us or in this group to understand better and
adopt what can be useful.

4. The economics of spam seems to reside largely on  very low hit rate -
but non-zero. Can the hit rate be made even lower? This would basically be
boycotting spammers - and then, how would people do it without being
accused of being in cahoots with the legit industries certain spam takes
business away from, like pharma, tobacco, etc.? Or can we leave that piece
of economics to them?

5. We haven't exhibited metrics. When I had the chance to implant antispam
measures in a large organization a few years ago, we set metrics for false
positives and false negatives. At the time, false positives were to be
avoided at every cost but still that is unreachable; we settled for
something like 0.1 % (i.e 1 in every thousand) legit emails would be lost.
We reasoned that this was not a bad representation for mail that makes it
through filters and still is lost for reasons like being overlooked, not
replied on time, deleted by error, etc. (do any of you think you are better
than that in your inboxes?) For false negatives we settled for like 50% but
that was an in-house operation in 2005. That would be unacceptable today in
services like Google or well-resourced private servers. Anything like this
coming from others' research or experience?

4.  Among other measures against the ill-effects of anti-spam, many users
now (I'm looking at you, don't blush) have two or more email accounts, so
even if important mail gets lost on one of them it will still make it to
another one. What is the frequency and cost of this? is this a measure that
can be recommended to users as general policy?

5. The ethics and tactics of SEO and SEO-like conducts merit a review under
the light of spam and anti-spam.

6. The rift between DKIM and SPF years ago left us with an untenable
position. Is anything on the IETF/technical side more promising? I continue
to see criticism of DMARC for not running on the most general platforms.

7. Of course we need to pay attention to "new" spam (like blog comment spam
was new...)

Yours,

Alejandro Pisanty

On Fri, Jun 12, 2015 at 1:22 AM, Christine Runnegar <runnegar at isoc.org>
wrote:

> Thank you Wout and experts.
>
> Wout, the draft you have circulated outlines an ambitious plan, especially
> given the time constraints.
>
> So, at this stage, perhaps it would be useful to consider how to narrow
> the scope further.
>
> Christine
>
>
> > On 11 Jun 2015, at 12:40 am, Wout de Natris <denatrisconsult at hotmail.nl>
> wrote:
> >
> > Dear all,
> >
> > Please find enclosed the kick off document for this BPF. At this stage
> the BPF experts invite the participants to consider and contribute to the
> streams identified in the document by responding to the IGF email group
> with their suggestions and submissions.  It is envisaged that a framework
> for the first draft will be available for group collaboration soon.
> >
> > The IGF secretariat will soon open a workspace to place your views,
> additions and comments into. I will notify you as soon as possible on this.
> From these comments we will present the first draft of the report that is
> expected to go online ca. 15 July for your reference.
> >
> > The experts and I, as consultant, are looking forward to your
> contributions that will drive this body of work forward,
> >
> > Best regards,
> >
> > Wout de Natris
> >
> >
> >
> > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> > De Natris Consult
> > Raaphorst 33                                                        Tel:
> +31 648388813
> > 2352 KJ Leiderdorp                                              Skype:
> wout.de.natris
> >
> > denatrisconsult at hotmail.nl
> >
> > http://www.denatrisconsult.nl
> >
> > Blog http://woutdenatris.wordpress.com
> > <SPAM BPF streams
> document.docx>_______________________________________________
> > Bp_spam mailing list
> > Bp_spam at intgovforum.org
> > http://intgovforum.org/mailman/listinfo/bp_spam_intgovforum.org
>
>
> _______________________________________________
> Bp_spam mailing list
> Bp_spam at intgovforum.org
> http://intgovforum.org/mailman/listinfo/bp_spam_intgovforum.org
>



-- 
- - - - - - - - - - - - - - - - - - - - - - - - - - -
     Dr. Alejandro Pisanty
Facultad de Química UNAM
Av. Universidad 3000, 04510 Mexico DF Mexico
+52-1-5541444475 FROM ABROAD
+525541444475 DESDE MÉXICO SMS +525541444475
Blog: http://pisanty.blogspot.com
LinkedIn: http://www.linkedin.com/in/pisanty
Unete al grupo UNAM en LinkedIn,
http://www.linkedin.com/e/gis/22285/4A106C0C8614
Twitter: http://twitter.com/apisanty
---->> Unete a ISOC Mexico, http://www.isoc.org
.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bp_spam_intgovforum.org/attachments/20150612/3530bd45/attachment.html>

More information about the Bp_spam mailing list