[oclug] I am angry. Spam went to far today. Want to fight back.
Stephen M. Webb
stephenw at xandros.com
Mon Sep 17 12:17:14 EDT 2007
On 15/09/07 19:39, Tony van Muyden wrote:
> What you are saying here is only partially right.
> It is possible to rewrite the Email protocols, to include Secure Email
> Communication. I would be a fervent supporter of this, and by the looks
> of it the rest of the world as well.
> Standards get changed all the time, and so can internet email, because
> it is in the benefit of everyone.
Unless the new protocols are 100% backwards-compatible, they will never be
adopted. If they're 100% backwards-compatible, then they will not have fixed
the problem, would they? Cf. Pandora's Box.
> There should be a system in place that is allowing you to accept an
> Originating email address / IP Address as valid, then providing your
> secure certificate to the Originating Address, after which you have
> allowed email to come through from that Originator only.
> By tying the certificate to the Email Originating IP address, a lot of
> problems will get solved.
> That means if the Spammer does not have your permission and certificate
> Good Bye ! This will kill any spam very effectively.
> This allows you to control who is emailing you !!
(1) PKI is a failure.
(2) Whitelisting is not an improvement on what we have now.
Consider the current solutions already available: the IETF senderId and
Microsoft's equivant. Neither are widely adopted and either would eliminate
an awful lot of problems. Problem is, they both require people to understand
the problem and the solution and take action. You've just eliminated the
bulk of humanity right there.
More information about the OCLUG