-----Original Message----- From: Martin Gregorie [mailto:mar...@gregorie.org] Sent: 01 December 2010 16:13 To: users@spamassassin.apache.org Subject: Re: Do we need a new SMTP protocol? (OT)
On Wed, 2010-12-01 at 07:27 -0800, Marc Perkel wrote: > I've been thinking about what it would take to actually eliminate spam > or reduce it to less than 10% of what it is now. One of the problems is > the SMTP protocol itself. And a big problem with that is that mail > servers talk to each other using the same protocol as users use to talk > to servers. > I don't think that would help at all. Bots would just pretend to be mail servers and use SMTP. Any other form of spam could be circumvented by setting up spammer-owned MTAs that spammers would use to inject spam. IMO the best solution would have been a charge per e-mail provided it was universally enforced. A small charge, e.g. $0.001 to $0.01 per addressee per message would be almost unnoticable to a normal user or business while still being enough to discourage volume spammers by wiping out their profits. Another benefit would be that the bill received by a bot-infected user would serve as a powerful wake-up call to get disinfected. Martin -------------------- I think the SMTP protocol should stay. We seem to live in an age where we change the rules to suit those the rules are suppose to protect, rather than teaching the importance of rules in the first place. (read between the lines to understand that last statement :) ) Charging, for any email sent, is a 100% no no. Implementing a new protocol to solve the same problem, and do the same job, that we already have a protocol/solution for? I'm not 100% sure that's a good idea, because the ultimate goal of the spammers will remain the same. I truly fear for the day when phone calls become pretty much free, because the reason that system isn't abused as much as it could be, (numbers are WAY more predictable than letters! And end users have very little choice over the number he gets), is because it generally costs, and also goes through a third party mediator, (telco). The mechanism by which we exchange email addresses will not change, on a web site, advertising, business cards. We generally have very little control over who can get our email addresses, once we let them loose into the wild - If I send an email to anyone who is reading this directly, they can't classify that message as spam until they have already seen the contents of the message. The point is we only want messages that we want, and we can't tell that until we read it! Which leaves us with really one option, and that is to use whitelisting, and to manage that list manually using a set of rules. (remember rules, I mentioned them earlier :) ) If we wish to get rid of the spam problem for ever, we will have to relinquish the freedoms that we currently have when it comes to SMTP. People can't be trusted to act right, and will always try to find shortcuts. Using a third party will help, but will also cost. Which is a shame.