i'm not so sure SMTP needs to change, because ultimately everybody needs to have unknown or unexpected folks contact them via email, and that's precisely what SMTP does --- and precisely what whitelists or blacklists in their most strict forms prohibit. the U.S. postal service allows unexpected contact, and that's a good thing too. i think the difference, however, is in the cost of transport (a trivial and well-known statement), which makes the experience of email so different from that of snail mail, even though in principle we get spam via both modes. we get spam via telephone too, for that matter, but thankfully not (much) on cellphones yet.
nevertheless, i think whitelists and blacklists are certainly a good component of a larger system that integrates multiple indicators of whether an email is spam or not --- like bayesian methods for instance. but to deny an email based solely on 'white' or 'black' lists not only prohibits free communication, but i believe will also ultimately be hacked by spammers, and then used to the detriment of those employing such techniques. one thing i fear is that if us techies advocate white/black lists too much, and implement them with fanfare as a 'save all' method, then some legislators might get the bad idea of legislating such technologies as best-in-class and necessary solutions, which would then take away our freedom to implement other novel solutions, based on what we think is best at any given moment. i'm not looking forward to the day when i have to go to the DMV not only for my driver's license, but also for my license to operate a mail server too... personally, i've had a pretty good experience with a learning bayesian-type filter, which rejects about 100 spams a day for me with better than a 0.5% rate of letting spams through to my inbox. on the false positive side, i've configured it to notify each sender of a filtered spam a short note, in natural language, explaining how to circumvent the filter should they need to. thus, if a real person's mail gets filtered by mistake, the sender will most likely know about it --- if his filter doesn't filter the bounce message :-) another idea which is useful is a 'disposable address', which can be created on the fly and used for a specific purpose --- like subscribing to nytimes.com. later, should such a disposable address become compromised with spam, it can be disabled with no detriment to one's other email addresses. a couple years ago i created a free service http://spamfreedom.com offering this option to friends and family, and i now find it to be a good 'front-line of defence' to the spam filter i use, effectively shielding it from onslaughts of pure spam rather than mixed bunches of spam and real-email on a permanent or public address. mike <a href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3824509#3824509";>View the original post</a> <a href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3824509>Reply to the post</a> ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
