a large-scale re-structuring of Internet mail to provide for secure
authentication and cost sharing for received e-mail.
What if the equivalent of "caller ID" was built into sendmail? Making sure
that the sender is a valid email address.
It's a necessary precondition, but not sufficient by itself. Also, simple
address verification may or may not be enough. There is no statute or case
law that makes the owner of an address legally liable for the mail emitting
from there - this could be an issue for claims of forgery and the like.
The above notwithstanding, assume for the sake of argument that one could
develop and deploy a secure mail system that authenticated message origin to
the account level. This would meet the first requirement, and could
*possibly* be the infrastructure for building the second. However, limiting
anonymity likely wouldn't provide a strong deterrent by itself, since spammers
could still run through multiple non-anonymous dialup accounts over the
lifetime of a spam campaign.
The other piece that would be needed - in this technological solution world -
would be a fast, secure universal electronic payment system such that each
mail message would be accompanied by some offer of payment. A friend or some
other previous acquaintance would presumably send messages with a 0 cent
payment and assume that you would recognize their name and address and accept
the message anyway. An advertiser would include some amount and you - or your
filters - would decide to accept or reject the message based on that and
possibly some other tagging information.
The scheme has generally not been sketched in much further detail because the
deployment issues typically overwhelm any discussion.
a large-scale re-structuring of Internet mail to provide for secure
authentication and cost sharing for received e-mail.
What if the equivalent of "caller ID" was built into sendmail? Making sure
that the sender is a valid email address.
It's a necessary precondition, but not sufficient by itself. Also, simple
address verification may or may not be enough. There is no statute or case
law that makes the owner of an address legally liable for the mail emitting
from there - this could be an issue for claims of forgery and the like.
The above notwithstanding, assume for the sake of argument that one could
develop and deploy a secure mail system that authenticated message origin to
the account level. This would meet the first requirement, and could
*possibly* be the infrastructure for building the second. However, limiting
anonymity likely wouldn't provide a strong deterrent by itself, since
spammers
could still run through multiple non-anonymous dialup accounts over the
lifetime of a spam campaign.
Slow down there folks. Disallowing anonymity on the net is another
/serious/ issue. If you need reasons why...
1) Incest and Rape support groups.
2) Political speech
Just keep on adding your reasons below, but please don't forward them to
the list.
address verification may or may not be enough. There is no statute or case
law that makes the owner of an address legally liable for the mail emitting
from there - this could be an issue for claims of forgery and the like.
Scott -- I believe that the legal ins and outs are mostly moot. The scope
of spam is global while most law is national or local. To use
less-than-global law to regulate something of a global nature, you would
need customs services that would prevent spam from being smuggled in from
other jurisdictions where spam is legal.
I believe that the only thing you can do with courts is to use the civil
courts to discourage spammers. You sue the bastards, but only after you
get abused.
*possibly* be the infrastructure for building the second. However, limiting
anonymity likely wouldn't provide a strong deterrent by itself, since spammers
could still run through multiple non-anonymous dialup accounts over the
lifetime of a spam campaign.
The basic concepts about email have to change. The present system is
hopelessly out of date.
The scheme has generally not been sketched in much further detail because the
deployment issues typically overwhelm any discussion.
One way this could happen is with large content providers. They must see
spammers the same way that we do -- As parasites. If AOL and CIS et al
wanted a UCE-free protocol, i'm sure that Qualcom and Netscape et al would
support it. Somebody let me know when beta testing starts.
[ On Sat, November 1, 1997 at 11:28:40 (-0500), Bill Becker wrote: ]
Subject: Re: Spam Control Considered Harmful
The basic concepts about email have to change. The present system is
hopelessly out of date.
I'm not so sure about that.
There are a couple of silly points in the old RFCs (that are in danger
of being re-instated in the new ones), but other than that we've got one
of the most widely accepted mail transport protocols in use on the
Internet (recent corporate IS trade rags are saying SMTP is the way to
go, just as they finally did for TCP/IP). I'm not saying these guys
should lead the pack, but they're usually pretty good thermometers.
There are a whole bunch of popular mis-conceptions and incorrect
perceptions about e-mail that we really do need to correct.