[oclug] I am angry. Spam went to far today. Want to fight back.

[Stephen M. Webb]

On 15/09/07 19:39, Tony van Muyden wrote:
>
> What you are saying here is only partially right.
> It is possible to rewrite the Email protocols, to include Secure Email
> Communication.  I would be a fervent supporter of this, and by the looks
> of it the rest of the world as well.
> Standards get changed all the time, and so can internet email, because
> it is in the benefit of everyone.

Unless the new protocols are 100% backwards-compatible, they will never be 
adopted.  If they're 100% backwards-compatible, then they will not have fixed 
the problem, would they?  Cf. Pandora's Box.

> There should be a system in place that is allowing you to accept an
> Originating email address / IP Address as valid, then providing your
> secure certificate to the Originating Address, after which you have
> allowed email to come through from that Originator only.
> By tying the certificate to the Email Originating IP address, a lot of
> problems will get solved.
> That means if the Spammer does not have your permission and certificate
> Good Bye !  This will kill any spam very effectively.
> This allows you to control who is emailing you !!

(1) PKI is a failure.
(2) Whitelisting is not an improvement on what we have now.

Consider the current solutions already available:  the IETF senderId and 
Microsoft's equivant.  Neither are widely adopted and either would eliminate 
an awful lot of problems.  Problem is, they both require people to understand 
the problem and the solution and take action.  You've just eliminated the 
bulk of humanity right there.

--smw