<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: SMTP AUTH, martin@localhost


John,

Indeed, more brainstorming should be done for technical/juridical solutions
to prevent spam at all.  Some ideas I have been thinking about
in the past:
1) Only accept digitally signed E-mail.  Then you know at least the
   real sender of the mail.  Needs the global CA infrastructure which
   will probably not be there in the next years, and the integration
   of the CA infrastructure in mailers.
2) Just ask an amount of money from the site from where you received
   spam.  If they don't pay, they get blocked.  If they were misused,
   they should claim the money from where they were misused.
   Needs a clear distinction between spam and regular bulk mail,
   and something like a quick handling Internet police and Internet
   court of Justice (or some generally accepted clearinghouse).
3) Make some system where you exchange only E-mail with correspondents
   you accept, or with a Subject you like.  Most of these systems
   fail nowadays because when A wants to mail to B, but B does not
   accept mail from A and sends a "register" command to A, and A forgot
   to register B as valid mail correspondent, the initial handshake
   between A and B will never initialise.  The problem of the
   maintenance of the valid recipients lists could e.g. be solved
   by coupling mailers to databases, and when A mails to B, B gets
   automatically and immediately added in the valid recipient list of A.
   Mails to majordomo or listserv or list aliases (owner-, request, -)
   should be examined by the mailer, and the list should be added
   to the list of valid recipients as well.  The subject header
   could be parsed, and mails with a subject you mailed yourselves
   will be accepted in the future (e.g. from now on, everyone can
   mail me if the subject contains  SMTP AUTH).
   If mail is received from a correspondent not in the allowed list,
   some procedure to register can be made via the web.
4) Go to court with people selling spam software or databases
   with E-mail addresses.

These are just some ideas, I know none of them will work perfectly
without changing/adding laws, behaviour, protocols and/or software,
it is just something to start a discussion.

But from the total amount of mail we receive at our university,
50% is spam that doesn't get in due to our spam filters, from the
other 50% I guess half of it is also spam that we can't block
easily.  If the spam/normal mail ratio goes up from 1/1 to 5/1,
I think a lot of users will leave E-mail and the Internet.

-Herman-




<<< Chronological >>> Author    Subject <<< Threads >>>