Lazy network operators

The spammers are already creating throw-away domains; they'd do the
same with mail sender authorizations. "I am Spam, Spam I am" -- and
send their turds and run.

    --Steve Bellovin,

Steve, this is not an authorization problem. I know that is how you like to
characterize it. Yes, any spam house will simply say, please open the door,
and have it done. I don't claim to attempt to validate the customer intent,
and this doesn't address that portion of the problem.

The problem is one of the default network behavior. Giving every PC default
access to every mail server, combined with the state of individual machine
security, results in situation where spammers can harvest farms of open
machines which can originate email. If we can fix this by changing default
behavior to make such machines less useful to hackers, while still allowing
anyone who wants to originate to do so at will via configuration, what is
the harm? To date, the most vocal objections have come from architectural
purists and manufacturers of disk storage.