1997-03-27 - Re: remailer spam throttle

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: Greg Broiles <gbroiles@netbox.com>
Message Hash: 6ce32a9218bb4561ed94fd56b2b447dd324eb35bd0c24baa858574b7ee062c6c
Message ID: <3.0.1.32.19970327001712.0065b100@popd.ix.netcom.com>
Reply To: <Pine.LNX.3.94.970324222338.9176L-100000@neptune.chem.uga.e du>
UTC Datetime: 1997-03-27 08:18:42 UTC
Raw Date: Thu, 27 Mar 1997 00:18:42 -0800 (PST)

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Thu, 27 Mar 1997 00:18:42 -0800 (PST)
To: Greg Broiles <gbroiles@netbox.com>
Subject: Re: remailer spam throttle
In-Reply-To: <Pine.LNX.3.94.970324222338.9176L-100000@neptune.chem.uga.e du>
Message-ID: <3.0.1.32.19970327001712.0065b100@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>From a legal perspective, Greg is right.  However, from a practical
perspective, the important impediments to running remailers are
(1) mail recipients hate you and send lots of complaints and
(1a) usenet readers hate you and send lots of complaints 
	(if you still support news posting.)
Andy's model of a remailer in which the remailer sends the recipient 
a delivery notice with a disclaimer/waiver/etc. and the recipient returns
it to pick up the message raises the level of politeness and lowers
the amount of surprise compared to current remailers, so it's a 
potentially big win.  If I start up a remailer again some year,
other than a middleman, it'll definitely need this kind of feature.
Building the positive public reputation of remailers and remailer
operators is a critical part of keeping the remailer system running,
at least as much as convenient, widely-deployed software.

For posting to Usenet, the "we have an anonymous posting, anybody want it"
approach doesn't sound highly practical, though it could be done,
but I'd probably limit postings to moderated newsgroups (where a human
will be filtering out the blatant spam and abuse) and flame-tolerant
newsgroups like alt.anonymous.messages and alt.flames.  I find this
highly frustrating, since one of the big wins about remailers is 
posting to talk.politics.* and alt.religion.scientology and other
groups where posting your opinion with your name on it may be unsafe.
There's also the problem of publishing acceptable newsgroup lists,
since failing messages silently is unfriendly to users, but 
there's a traffic analysis problem (Bad Guys can watch who fetches
remailer use policies and build up their dossiers.)

Most of the problem with (2) Third Parties _can_ be helped a bit by
disclaimers, by plausible deniability, by not having logs to subpoena,
and by having remailers that you're willing to shut down with profuse
apologies to head off lawsuits.  It isn't a perfect job if someone
really wants to go for blood by making you defend repeated lawsuits
(especially if they're really targeting you, e.g. posting their
Secret Documents through your remailer themselves to entrap you.)
But it'll let most remailer users defend against most reasonable 
complaints.

I do also agree with Greg that getting the sender of a message to
indemnify you isn't worth the recycled electrons used for the
log file you aren't keeping.  That's especially the case if
you're forwarding messages received from other remailers,
unless you can get other remailer operators to indemnify you,
in return for which you'd probably have to indemnify them.  No thanks.

At 01:58 AM 3/25/97 -0800, Greg Broiles wrote:
>I think there are two broad models of complaints/problems with remailers:
>1. The recipient is angry because they received a message they didn't 
>like. (because it's an advertisement, or it's rude, or [....]
>2. A third party is angry because the sender sent some information to the
>recipient which the third party thinks should not have been sent. 
>(copyright, >trademark, defamation, tortious interference [...] 

>Your "contract" model (which looks like you really mean it to be a 
>waiver of warranty/damages and/or an indemnification agreement) 
>addresses (1) to the point of overkill, but it doesn't reach (2), 
>because there's no contract with the third party, who is the party who's
>likely to be filing suit.
>(Indemnification by the sender might work, if you worded the contract
>correctly - but then you've got to abandon anonymity, and the value of
>indemnification from person you don't know whose assets/finances are
>unknown is pretty low.)
>
>Further, some fraction of the messages causing concern are message sent 
>or available to minors .. whose contracts (modulo some exceptions) are 
>voidable at their option. :(

>>..[disclaimers]..
>[doesn't help 2 for same reason]



#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#     (If this is a mailing list, please Cc: me on replies.  Thanks.)






Thread