Re: SMTP AUTH, martin@localhost
- Date: Tue, 08 Sep 98 10:24:24 +0200
John,
Indeed, more brainstorming should be done for technical/juridical solutions
to prevent spam at all. Some ideas I have been thinking about
in the past:
1) Only accept digitally signed E-mail. Then you know at least the
real sender of the mail. Needs the global CA infrastructure which
will probably not be there in the next years, and the integration
of the CA infrastructure in mailers.
2) Just ask an amount of money from the site from where you received
spam. If they don't pay, they get blocked. If they were misused,
they should claim the money from where they were misused.
Needs a clear distinction between spam and regular bulk mail,
and something like a quick handling Internet police and Internet
court of Justice (or some generally accepted clearinghouse).
3) Make some system where you exchange only E-mail with correspondents
you accept, or with a Subject you like. Most of these systems
fail nowadays because when A wants to mail to B, but B does not
accept mail from A and sends a "register" command to A, and A forgot
to register B as valid mail correspondent, the initial handshake
between A and B will never initialise. The problem of the
maintenance of the valid recipients lists could e.g. be solved
by coupling mailers to databases, and when A mails to B, B gets
automatically and immediately added in the valid recipient list of A.
Mails to majordomo or listserv or list aliases (owner-, request, -)
should be examined by the mailer, and the list should be added
to the list of valid recipients as well. The subject header
could be parsed, and mails with a subject you mailed yourselves
will be accepted in the future (e.g. from now on, everyone can
mail me if the subject contains SMTP AUTH).
If mail is received from a correspondent not in the allowed list,
some procedure to register can be made via the web.
4) Go to court with people selling spam software or databases
with E-mail addresses.
These are just some ideas, I know none of them will work perfectly
without changing/adding laws, behaviour, protocols and/or software,
it is just something to start a discussion.
But from the total amount of mail we receive at our university,
50% is spam that doesn't get in due to our spam filters, from the
other 50% I guess half of it is also spam that we can't block
easily. If the spam/normal mail ratio goes up from 1/1 to 5/1,
I think a lot of users will leave E-mail and the Internet.
-Herman-