[Mailman-Users] Goodmail spells doom for mailing lists?

Brad Knowles brad at stop.mail-abuse.org
Sat Mar 4 10:00:24 CET 2006 

At 5:53 PM -0800 2006-03-03, Dave Crocker wrote:

>  AOL creates a specialized, rather expensive process that it provides for
>  free, to ensure delivery of a class of mail.

	Unless you mean "all mail" when you say "class of mail", then no 
-- not really.  So far as I know, they did not have any "certified 
mail" type of solution that they made available to the paying 
spammers.

>                                                The operation of this
>  mechanism is pure overhead for AOL.  Worse, it is distinct to AOL.  To
>  the extent any other receive-side ISP operates such a service, it is
>  entirely independent of AOL.  That is, anyone wanting on these special
>  lists must to special things for each of these lists.

	Very few other operators in the world have attempted to run an 
enforced whitelist solution of the sort that AOL has developed.  I 
disagree that this was necessary on AOL's part, but to the extent 
that it was/has been, this was just one of the prices they paid for 
being the biggest bully on the block.

	In essence, they are an attractive nuisance, and they may have to 
defend against that more vigorously than other providers might.

>  So along comes a few companies who are trying to find ways to let
>  receive-side ISPs outsource the job of assuring that trustable bulk
>  mail is, in fact, trusted.  (That is, the receiver wants this stuff and
>  these services are provding ways to assure that they get it.)

	That's the key point I don't believe.  I don't trust net-nanny 
companies to properly operate an IP-address based black list, nor do 
I trust that these kinds of operations will remain secure even if 
they could be properly operated.  See 
<http://www.boingboing.net/2006/03/01/saudi_arabia_joins_l.html> and 
<http://www.boingboing.net/censorroute.html>.

	Goodmail is just going to sell out to the highest bidder(s). 
Even if they don't do it today, they'll get bought by someone who 
will.  And then everyone who built Goodmail into their system will 
have given spammers a level of unequaled access.

>  Or perhaps it is my unwillingness to take *possible* mishandling of such
>  a service as being the same as *definite* mishandling.  Perhaps it is
>  just that I have yet to see a capability that was worth having that could
>  not also be abused.

	There's an old saying about power and corruption.  Through these 
types of deals, Goodmail will have unprecedented power over the 
mailboxes of hundreds of millions or even billions of people, and 
that kind of power is guaranteed to be absolutely corrupting.

	But then I guess you'd label me a privacy nut and go off and 
implement such systems anyway.

-- 
Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  LOPSA member since December 2005.  See <http://www.lopsa.org/>.

More information about the Mailman-Users mailing list