RE: Anti-spam System Idea

If these exist then why are we still having problems? Why do we let
customers who have been infected flood the networks with traffic as they


Someone sent me a message on Friday with a Dykstra quote that
sums it all up...

It is impossible to sharpen a pencil with a blunt axe. It is equally vain
to try to do it with ten blunt axes instead -- E.W Dijkstra, 1930-2002

It simply isn't possible to block spam no matter how many
axes we use and how cleverly they are designed. If we would
put the same amount of effort into a secure Internet email
architecture, then the whole SPAM issue would just fade away.

Today, there it is not possible to secure the email system
by securing a subset of email servers. SPAM can enter the
system at any email server and therefore we have to secure
all servers in order to block SPAM. But any particular email
server also needs to accept legitimate email from a large
and unbounded number of sending servers. So it is a very, very
hard problem to either separate SPAM sources from legitimate
email sources or to separate SPAM messages from legitimate
email messages.

However, if the world shifted and the only way to send
email was to use a secure authenticated submission protocol
to pass the message to an ISP with whom you have a business
relationship, then the scale of the problem changes. Now you
only have to secure the submission servers and any particular
organization can more easily distinguish between the small
number of customers and the larger number of non-customers.
Of course, this also means that all SMTP servers must also
be secured to only accept email from known authenticated sources.

This is technically possible if we had the will. However, today
few people have the will to attempt to fix this problem because
of the phantom SPAM problem. We see the symptoms of the email
architecture disease and assume that SPAM is the disease itself
rather than merely a symptom of the disease.

In the meantime, Internet users are discarding the use of email
in favor of instant messaging networks, some of which are more
secure than email and have less SPAM. You will note that IM
services are rarely offered by an ISP to its customers as part
of a service bundle. The net effect of this is that one of the
value-added services that smaller ISPs can offer is becoming
eroded and replaced by a value-added service that is only
offered by the largest ISPs.

--Michael Dillon