[EMAIL PROTECTED] wrote: > > There are several projects which discuss a substitution of traditional > Email with a more modern infrastructure, and I think it is time to > spent effort on pushing this forward and stop loosing time with > preventing what's inevitable - abuse of SMTP. > > Personally I just enlisted in one of these projects - im2000 - > http://cr.yp.to/im2000.html, which aparently has been kind of sleepy > during two years, but actually is kind of awakening.
Alot of people will resist this if it means replacing every mail server on the Internet, or even just the mail software on every Internet mail server. This has to be a revision compatible with the existing SMTP protocol or trying to implement this will cause catastrophic damage to the Internet mail infrastructure far worse than SPAM. > To prevent Spam (really), an Email system has some criteria to > fullfill, I will point out some of them here: > > - Sender and Receiver Identity have to be verifyable by the underlying > protocol. I believe this was the original intent of the VRFY command of the SMTP protocol until it was abused by Spammers attempting to confirm their mailing lists. But as for verification of anything beyond email address, some people legitimately don't want names associated with their email addresses. Additionally, as has been raised before regarding proposed legislation, spammers simply need to get a temporary email address from some service provider and then they can send massive quantities of spam from a legitimate address. > - Transmission of the message contents has to be initiated by the > receiver, not by the sender, to allow beforehand trust/cost > negotiation between the two parties: actual Email always puts the > cost on the (helpless) receiver. How can this be possible when the recipient can't possibly know when someone wants to send him something? Even if the protocol were to allow a yes/no answer to accepting the message contents, the recipient will be inundated by a flood of message transfer requests from spammers. For people who operate web sites and look for viewer feedback, how will they know who is sending spam and who is sending comments? This can be worse than getting the actual spam since you have no idea what is what until after you read the content so you be getting double the amount of traffic on the net. > - User configurable comercial advertisment: An Email user shall be > able to allow advertisers to send offers, by criteria defined by the > user. How will the protocol itself verify what is commercial mail and what is feedback or other noncommercial mail? As with the SMTP protocol, it will have to rely on the sender's word as to the validity of message content as stated. All a spammer will have to do is get a program that labels everything as noncommercial mail to defeat the protocol. > A new Email system has to implement a "closed door - open mind" > policy, which simpy does not lend to itself to propagate junk to *@*. With the snail mail system, the postal service simply can't provide a filtering method for junk mail. The recipient has to perform the filtering to "file 13" himself. Even with sophisticated automation of the mail server, how can the proposed new mail protocol allow the above mentioned feedback comments from an unknown user reach the recipient if you have to first get permission for each sender to transmit content to each recipient? This would seem to have a result in overburdening the end user's mail server with the added cost passed along to the end users in the form of higher service fees. At the very least, the end users will still have to perform the filtering themselves. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
