On 21 Jun 2003 at 6:51, David H. Bailey wrote: > Michael Edwards wrote: > > I recently got a peculiar message from Bob Florence which I understand is > > being received by everyone in his address book (I do vaguely remember some > > mention of this a week or so ago) - so I'm probably not breaching privacy in > > raising this here. > [snip] > > I verified myself and then told him how rude it was and that we had > already discussed it on the list and somebody had even suggested he be > unsubscribed. He realized it was rude and resulted in the very sort of > spam that it was trying to prevent for him, and he stopped the service. > > He also posted to this list with an apology.
I predict that five years from now, all email will be whitelist- based. That is, if you send an email to someone, you'll get back a verification notice, one that is not machine-readable (it will likely involve going to a web page and typing in an alphanumberic code displayed as a graphic; Yahoo already uses this approach for setting up new email accounts in order to prevented automated account setup). Only then will your email be accepted. The idea is that your email account will accept mail only from a number of listed addresses, and the verification process is there to insure that legitimate new addresses can email you when they need to. The service that Bob was using, however, was inadequate in that it could not be configured to check anything but the FROM: header, because if that were not so, only the Finale listserv would have needed to be verified (and the user would surely set this up in advance). Of course, these kinds of things are like an arms race, in that once whitelists are in widespread use, the spammers will come up with software that knows how to automatically verify itself, including doing OCR on the graphics used to prevent bots from verifying themselves. The technology already exists, it's just a matter of how quickly the spammers figure out how to use it. I think that there will need to be laws and international treaties in force, along with the advances in email technology (which also include the upgrade of the whole Internet to IPvN, whichever version they are working on right now (8?)), because the only real solution is a network that won't allow any kind of spoofing, and has bulletproof discovery of the originator of the message. That's not really possible with the current infrastructure, but will become more and more of a necessity for all kinds of net-based transactions as we move more and more our activities to the Internet. -- David W. Fenton http://www.bway.net/~dfenton David Fenton Associates http://www.bway.net/~dfassoc _______________________________________________ Finale mailing list [EMAIL PROTECTED] http://mail.shsu.edu/mailman/listinfo/finale
