[e2e] latest spate of cruft postings to e2e

Dah Ming Chiu dmchiu at ie.cuhk.edu.hk
Sun Nov 9 23:08:04 PST 2003 

Rama,

I like your idea.  After listening to seemingly endless debate,
I was thinking about a similar compromise as you.

One possible refinement to your scheme:
- there will be a whitelist, initially containing only the subscribers
- as the moderators approve forwarding, they can optionally admit
  the sender to the whitelist (to minimize their future work)
- otherwise people can get onto the whitelist through the whitelist
  maintainer (sorry, Joe).

DM

----- Original Message ----- 
From: "Ramaprabhu Janakiraman" <rama at arl.wustl.edu>
To: <end2end-interest at postel.org>
Cc: <touch at ISI.EDU>
Sent: Friday, November 07, 2003 11:50 AM
Subject: Re: [e2e] latest spate of cruft postings to e2e


> Instead of either/or, why not mix-n-match?
>
> One solution:
>
> 1) There will be a set of subscribers. Their email will be forwarded
> unfiltered.  All non-subscriber email will be filtered.
>
> 2) First, there will be an automatic level-1 filter (L1) common to the
list.
> L1 will classify each non-subscriber message into "Yes" (Definitely SPAM),
"No"
> and "Maybe" cases.  The threshold between "Yes" and "Maybe" is set very
> conservatively (perhaps even to the point of eliminating the "Yes" case)
> to get a negligible false positive rate.
>
> 3) A "No" message is forwarded, and a "Yes" dropped, silently.
> A "Maybe" from L1 will be forwarded to the "moderator" for approval.
>
> 4) In the "default deny" policy, non-action by the moderator will result
in the
> email being dropped after a tunable timeout(say 4-6 hours).  In the
"default
> allow" policy, it will be forwarded after timeout. The policy is tunable
and
> depends both on the fraction of email that is non-subscriber and the
> fraction of non-subscriber email that is spam. (Perhaps the policy could
be on
> a per-message basis depending on the score it got from L1) The approval
mechanism
> can be implemented by tagging the message, so that the moderator can
> approve/deny by just replying to the tagged message.
>
> 5) In the simplest case, the moderator is the maintainer (Sorry, Joe).
Other
> options are a set of periodically chosen small (say 10-20) subset of
> subscribers. The period and type of choosing (volunteer, random or
weighted
> random based on past activity) are tunable.  For fault-tolerance (say when
a
> moderator is away from email for more than the timeout), each such message
may be
> forwarded to (and voted on by) a subset (say 3-5) of moderators.
>
> 6) Any non-subscriber email approved by a moderator will be tagged with
the
> name of the approving moderator(s) before being forwarded to the list  so
that
> if a moderator is lazy and lets spam through, the whole list will know
[and will
> get a crack at retribution in a later networking conference ;-)]
>
> 7) Ofcourse, to simplify their task, moderators can use their own
client-side
> filters.
>
> 8) If there is a risk of subscribed spammers, every message goes through
L1,
> with a large weight given to the fact that the sender is a subscriber.
>
> Such a scheme should be quite simple to implement, and IMHO seems to be an
> effective compromise. (Or atleast it might have the non-trivial benefit of
> laying the debate to rest...)
>
> I am ignoring denial-of-service attacks (inadvertent or otherwise) by
> subscribers :-)
>
> -ram
>
>
> On Fri, Nov 07, 2003 at 06:39:03AM +0500, Zartash Afzal Uzmi wrote:
> > It has happened a number of times that I needed a really quick answer to
my
> > query. It is never possible for me to subscribe to each and every list
which
> > is appropriate for my queries as they come. Everytime, I was able to
post to
> > a list (e2e included) without subscription, the query got responded
within
> > hours at most, almost invariably. In other cases, when I had to
subscribe to
> > make a post, I either refrained from posting or looked for another
similar
> > list or got approved by the moderator in a day or two or even more.
> >
> > Statistically, it will always take much longer to get a query answered
on a
> > subscriber-posting-only list compared to an open list. It is
understandable
> > that people who only post to a few lists regularly would want the lists
to
> > be subscriber-post-only. On the other hand, people who look for a list
on
> > the fly to have their queries resolved would prefer open lists. In my
> > personal opinion, if there is a significant number of people who fall in
the
> > latter category, it makes sense to make the lists open. This alos
conforms
> > to the spirit that knowledge should spread without any delay.
> >
> > Zartash
> >
> > >
> > > Perry E.Metzger wrote:
> > >
> > > > Joe Touch <touch at ISI.EDU> writes:
> > > >
> > > >>I appreciate that whitelisting is harder on the receive end of a
list
> > > >>(you can still do it, and will end up accumulating some of the list
> > > >>anyway). The content filters we use are not perfect, but neither is
> > > >>whitelisting.
> > > >
> > > > It has been years since a spam went to one of my mailing lists run
on
> > > > a "subscribers post only" basis.
> > >
> > > But it hasn't been that long since I tried to post to one and had to
> > > subscribe to post. At which point I gave up, since I don't always
want -
> > > or need - to subscribe to every list to which I might want to
> > > participate briefly.
> > >
> > > That's the behavior we're trying to avoid by the list configuration.
> > >
> > > > Can you say the same for your mailing
> > > > lists?
> > > >
> > > > I appreciate that you will never change your position, however, and
I
> > > > don't want to add noise on top of spam.
> > > >
> > > > Perry
> > >
> > >
>
> -- 
>
>

More information about the end2end-interest mailing list