IETF creates anti-spam research group
Underscoring growing concern over spam, the Internet Engineering Task Force (IETF) has created a new Anti-Spam Research Group (ASRG) that aims to put unsolicited commercial e-mail in its crosshairs by setting standards for spam detection and potential legislation.
"We decided to go ahead now because it's clear that spam has become a serious problem for organizations," ASRG Chair Paul Judge said Friday.
Judge, who is also the director of research and development at e-mail security firm CipherTrust Inc., added that while there are a patchwork of spam-fighting tools already available, the industry has yet to take a systematic approach to the problem.
The anti-spam group will work within the organization' s Internet Research Task Force and will investigate whether a single architecture can be implemented that will allow e-mail receivers to express their consent and, more importantly, lack of consent for certain communications. This approach is due to the fact that everyone's definition of spam is different, the group said, making e-mail a consent-based communication.
"The definition of spam is highly subjective," Judge said, "so by labelling it a consent-based communication we can come up with an architecture that supports that idea."
The anti-spam group wants to develop an architecture with three components: consent expression, consent enforcement and source tracking.
According to Judge, it's important to push consent expression back closer to the source -- such as at the Internet backbone and ISP (Internet service provider) level -- to most effectively block spam. Judge envisions a system whereby ISPs set rules for the type of e-mail that they stream, with e-mail being further filtered at the Internet gateway and end-user level.
Tracking down spammers will also be a major component, Judge said, adding that this is a weakness in current solutions. The group will not only be looking to endorse spam-fighting legislation but will also look into recommending technical changes that would make it easier to identify spammers, Judge said.
"E-mail protocol was introduced many years ago and it is very trusting and open," he said.
However, the solutions the group eventually proposes will be based on whether they have a chance for wide-scale deployment and on how costly they are, in terms of both money and how much end-users would be required to change how they use e-mail, Judge said.
The ASRG will hold its first meeting March 20th in San Francisco. Judge said he expects several hundred industry players to attend from different sectors of the Internet community.
IDG News Service
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
