Clueless service restrictions (was RE: Anti-spam System Idea)

Thank you. You've got it exactly right.

    --Steve Bellovin,

Thank you Tony, I was trying to comment but you made the exact point
I was trying to make.

itojun@IAB hat on

I also agree.

The RFC for mail was very well designed. If people simply stuck to the
original RFC (~800 something) and managed more of their own small systems
then this spam thing just wouldn't be the problem that it has become...
would it?

Cheers Don

Steven M. Bellovin wrote:

The Internet has value because it allows arbitrary interactions where new
applications can be developed and fostered. The centrally controlled model
would have prevented IM, web, sip applications, etc. from ever being
deployed. If there are any operators out there who still understand the
value in allowing the next generation of applications to incubate, you need
to push back on this tendency to limit the Internet to an 'approved' list of
ports and service models.

Thank you. You've got it exactly right.

Does that then mean that there is in fact a requirement to allow into
the Internet from its connecting networks every single packet offered?

Or is it OK, just as a mind game, to deny access to packets that can
clearly have no possible (not "no conceivable", "no possible")
productive use--such as packets that claim to be sourced from a
place distant from the network they arrived from for example?

Aviation is another world for which I have been soured for a number of
years (largely because of regulations that make no sense to me, but that
screed is for another time and another place), but there used to be a
useful segregation--I no longer remember the proper names. But there
were classes of aircraft (and of aircrews) that were pretty rigidly
regulated, inspected, measured, and tested which were allowed to be
used to carry large amounts of human flesh or of other people's property
for hire.

Another, less stringently governed group was allowed to do things for
hire (read: also in production service) for things not included in my
first group, but generally they could go the same places and do the same

And so on--down to an "Experimental" (I'm pretty sure that is the right
name for it) group that was restricted to certain airspace, certain
air fields, certain uses all intended to assure that the production folk
and folk who did not want to be involved at all were not at undue risk,
while allowing innovation and other really good things.

The problem is that literally 95% of the end hosts on the internet are running
software that's not capable of being properly managed by the people who are
allegedly managing them.

(Yes, that was carefully phrased that way, because there's *multiple* failures
in the basic model. Lots of blame to go around on this one).

Any real solution is going to have to deal with the fact that properly administered
systems are in the distinct minority.