question on ptr rr

> buy a 1U, put it in a colo center (should cost you about $50/month) and
> proxy all your outbound mail from there. stop thinking of broadband as
> anything other than a lastmile protocol between your house and your own
> piece of the internet core.

This is darn good advice. And to expand on it further,
it is time to stop thinking of Simple Mail Transport
Protocol (SMTP) as the way for everybody to send email.
For some strange reason we have managed to develop
two protocols for end users to use in talking to their
mail service provider (POP and IMAP) but neither of
them allows the end user to send email. One would think
that an authenticated session with an email service
provider would be the natural protocol to use for
injecting end user email into the system.

Imagine a world in which only ISPs run SMTP servers
which only talk directly to other servers with which
they have an offline relationship. A world in which
everybody hands over their email to an ISP for onward
delivery in order to get it into the system. A world
in which it is virtually impossible to send anonymous
or forged email without the cooperation of an ISP.

To get to this world we have to stop trying to fix
the SPAM problem. Instead, we have to fix the email
architecture problems which have created the environment
in which SPAM can thrive. A new architecture might
not prevent SPAM but if it makes spamming hard to
do and has rate limits that make it very hard to do
high volumes of unauthorized email then most people
will not care about the small volume of SPAM.

We need to start with an Email Service Consortium with
a code of email server practices in which the larger
ISPs agree to stop accepting SMTP connections from anyone
who is not in the consortium or a customer. This will get
everyone implementing a set of well-known and consistent
controls.

We need to add email sending capability to both POP
and IMAP so that eventually we can all block port 25
entirely from broadband/dialup edges.

And we need to reinstate the use of SMTP relays in
order for smaller ISPs to have access to the core of
the email system.

--Michael Dillon

* Michael.Dillon@radianz.com (Michael.Dillon@radianz.com) [Mon 09 Feb 2004, 11:40 CET]:

> Imagine a world in which only ISPs run SMTP servers
> which only talk directly to other servers with which
> they have an offline relationship. A world in which
> everybody hands over their email to an ISP for onward
> delivery in order to get it into the system. A world
> in which it is virtually impossible to send anonymous
> or forged email without the cooperation of an ISP.

Yuck.

(I'm getting flashbacks to a certain Dr. Strangelove scene right now.
And to some from Brazil, too.)

  -- Niels.

Michael.Dillon@radianz.com writes:

> We need to add email sending capability to both POP
> and IMAP so that eventually we can all block port 25
> entirely from broadband/dialup edges.

What's wrong with port 587 (rfc 2476 sec. 3.1) and requiring SMTP AUTH
(rfc 2554), as people have widely deployed today? The problem is
education; the technology is already widely available and deployed.

> And we need to reinstate the use of SMTP relays in
> order for smaller ISPs to have access to the core of
> the email system.

This is obviously some use of the term "need" to which I am heretofore
unaccustomed.

                                        ---Rob
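
The port 587 plus SMTP AUTH policy from the reply above, sketched as an added example that is not part of the original thread: a toy server-side policy in Python that refuses envelope commands until AUTH PLAIN succeeds. The hostname, user and password are constructed, and TLS (which a real deployment needs before PLAIN) is left out.

```python
import base64
import hmac

# Constructed credential store for the example (hypothetical user).
USERS = {"alice": "correct horse"}

def check_plain(blob, users):
    """Validate a SASL PLAIN response: base64(authzid NUL authcid NUL passwd)."""
    try:
        parts = base64.b64decode(blob, validate=True).decode("utf-8").split("\0")
    except ValueError:  # covers bad base64 and bad UTF-8
        return False
    if len(parts) != 3:
        return False
    _, user, password = parts
    expected = users.get(user)
    # Unknown users fail outright; known users get a constant-time compare.
    return expected is not None and hmac.compare_digest(
        expected.encode(), password.encode())

def submission_session(commands, users=USERS):
    """Run client command lines through a toy port-587 policy; return replies."""
    authed, replies = False, []
    for line in commands:
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "EHLO":
            # Advertise AUTH so the client knows it can (and must) log in.
            replies.append("250-mail.example.net\n250 AUTH PLAIN")
        elif verb == "AUTH":
            mech, _, blob = arg.partition(" ")
            authed = mech.upper() == "PLAIN" and check_plain(blob, users)
            replies.append("235 2.7.0 Authentication successful" if authed
                           else "535 5.7.8 Authentication credentials invalid")
        elif verb in ("MAIL", "RCPT"):
            # The submission policy: no envelope commands before AUTH.
            replies.append("250 2.0.0 OK" if authed
                           else "530 5.7.0 Authentication required")
        elif verb == "QUIT":
            replies.append("221 2.0.0 Bye")
            break
        else:
            replies.append("502 5.5.1 Command not implemented")
    return replies

if __name__ == "__main__":
    token = base64.b64encode(b"\0alice\0correct horse").decode()
    for reply in submission_session(["EHLO client", "MAIL FROM:<a@example.org>",
                                     f"AUTH PLAIN {token}",
                                     "MAIL FROM:<a@example.org>", "QUIT"]):
        print(reply)
```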

> > buy a 1U, put it in a colo center (should cost you about $50/month) and
> > proxy all your outbound mail from there. stop thinking of broadband as
> > anything other than a lastmile protocol between your house and your own
> > piece of the internet core.
>
> This is darn good advice.

no, it's sorely broken, as it breaks the e2e internet

It'd be really nice if mail client programs had an easy way for users to configure these settings. We have to walk our clients through the advanced settings in Outlook Express, Eudora, and other programs often.

70K user. 40M .coms. N*M. Gee thanks. That's too damned many relationships
to negotiate. And I think we learned our lesson with 'ADMD= PRMD=', didn't
we?

Moreover: which ISP would take responsibility that the email is delivered properly to the destination? Today all ISPs just do best-effort.

This model won't work ...

Arnold

...

Agreed. However, this...

> We need to start with an Email Service Consortium with a code of email
> server practices in which the larger ISPs agree to stop accepting SMTP
> connections from anyone who is not in the consortium or a customer. This
> will get everyone implementing a set of well-known and consistent controls.

...is not practical. Remember the true street-level definition of spam:
"spam is e-mail you didn't want that wasn't sent by me or my customers."
Trying to form an E-S-C under those conditions is unthinkable or useless.

> Imagine a world in which only ISPs run SMTP servers which only talk
> directly to other servers with which they have an offline relationship.

70K user. 40M .coms. N*M. Gee thanks. That's too damned many
relationships to negotiate. And I think we learned our lesson with
'ADMD= PRMD=', didn't we?

it's a real shame that exponential growth can only occur in wormnets,
and that there's no such thing as transitive trust amongst humans.

otherwise we could build a trusted "smtp web" out of multilateral trust
relationships and existing X.509 technology, and it would become possible
to know from the SSL whether an smtp initiator has signed a loyalty oath
similar to your own, and if they then misbehave it would be possible to
find out who let them in and prune the whole branch. six degrees of
separation and all that.

but i guess i'm still a few years ahead of myself on this one.