Here is a reliable solution for filtering spam.
If you ask people (go verify this for yourself):
"You could stop all those annoying spams."
"K."
"The restriction is you will only be able to receive e-mails
from people *already* in your address book. New people would
need to be entered by hand. Do you still want it?"
"Yep."
MOST USERS
Most users use a very small set of the features of e-mail. No news
groups or mailing lists. They just send and receive e-mail from people
they know personally.
This is a simple reliable feature that can be turned on when someone
has a simple e-mail life. Anyone who needs e-mails from people they
don't know can turn off the feature and turn it back on when they want.
FILTER STATES:
1. Turned off.
Accept all e-mails from anywhere. Just like now.
2. Turned on, standard.
Accept blank "ping" e-mails. (described below)
Accept e-mails that the reply target is in address book.
3. Turned on, maximum.
Accept only e-mails that the reply target is in address book.
REJECTED MAIL ACTION CHOICES:
1. Tell server to replay with "undelivered - bad e-mail address"
message if possible. This would be perfect because (1) spammers would
think the e-mail address is no good, and (2) friends would get feedback
that something was wrong and would contact the user through another means.
2. Delete it on the server (only if #1 above can't be implemented, I'm
not a mail server guru so I don't know). Some people (including me)
think that added download time for spam is gross. These people can speed
up their downlaod time and keep their deleted folder lean and personal.
Viola! Mozilla is now the faster e-mail program in the world at
downloading e-mail. Since, you don't need to wait 5 minutes for all the
spam to download.
3. Download it to a specified folder. Some people may want to inspect
their spam. Attach a "[rejected]" to subject line and file this mail
using a stander mail sorting rule.
PING E-MAILS:
Although the most restrictive settings on the feature would require
that the user enter their friends e-mail addresses by hand. We should
allow for the optimistic world that people in the future will not have
to batten down *all* the hatches to exist in the e-mail world.
So, as a matter of convience we should allow an e-mail to be received
with the sole purpose of someone asking to be added to our address book.
The qualities of this e-mail must be:
1. No viewable data. Spammers rely on us *accidently* seeing their
pitch.
2. Easy for a friend with old e-mail program to create.
Empty e-mail = "ping". I've never received a meaningful blank e-mail. A
blank e-mail is ineffective for spamming since it contains no sales
pitch. And a blank e-mail is the simplest thing for a friend to send
you. They don't have to worry about accidently typing an exact subject
line or anything like that.
Spammed with pings? At somepoint when this feature becomes popular and
wide spread (so ordinary spam tactics dont work) the world will
undoutably be spammed with pings. Spammers will be trying to get into
everyone's address book so that they can then "offically" pitch them.
However, once a user receives a single spam they will just remove the
person from their address book again. And if they get totally spammed
with pings they will turn the filter onto maximum, batten down the
hatches to weather the storm, and let their friends know they are only
accepting e-mails from their address book.
MAILING LISTS:
Accepting only e-mail where the reply target is in address book allows
this user to receive mail from a mailing list. As long as the e-mail is
such that when this user click's reply the e-mail is targeted to an
address in this users address book.
Filter hole: A spammer could mass send e-mails with different
combinations of reply addresses and rely on the contents of the message
to do the 'convincing', knowing that their will never be any replies
that reach them. Just having links in their e-mail body. For example, a
spammer sends a spam that if replied to goes to your friend Bob. Since
Bob is in your address book the e-mail gets to you.
Extra restriction setting:
1. Allow mailing lists.
This is the standard restriction logic above.
1. No mailing list.
An extra restriction on the e-mail that the
from address and reply address *must* be the same.
SPAMMER DISCOURAGEMENT:
I'm not a lawyer but if a spammer sends e-mails that act like mailing
list e-mails, they are probably in very legal danger of acting as if
they are someone else. If they are not your friend Bob, then they
shouldn't be selling marketing material that is represented as being in
partnership with Bob.
And, if they send e-mails tha defeat the no mailing list setting, then
they are essentially saying "I *am* Bob". And you can't convince me that
when Bob gets a bunch of e-mails from people saying "Stop selling me
stuff", Bob won't stand up to some company acting as if they're him.
IDEALIST THOUGHTS ON SPAM:
Imagine one of two extremes:
1. Only a small handful of people on the Internet have this feature.
2. Almost everyone on the Internet has this feature.
First, if only a small handful of people on the Internet have this
feature, they wouldn't comprise enough of a population for spammers to
take the legal risks above. So those that used the filter, would have it
working exactly as expected: no spam!
Second, what if almost everyone on the Internet had this feature. Now,
there may be enough reward for spammers to take the legal risks.
However, now if they sent out a massive swarm of e-mails (everyone of
them "acting" as if they came from one of your friends), what backlash
they would get.
VISIBLE CHANGES TO UI:
CHANGES TO PREFERENCES:
FILTER SETTING SCREEN:
Filter choices:
* Filter off.
* Allow pings and address book.
* Allow address book only.
Mailing list choices (only if filter is on):
* Allow reply-to w/o from to be accepted.
* Allow only reply-to only w/from to be accepted.
Rejected mail choices (only if filter is on):
* Reply as non-existent address (if possible, else delete on
server)
* Download to folder:
* control for choosing folder
CHANGES TO MAILBOX CONTENTS:
NEW KIND OF MAIL MESSAGE: PING
These messages appear in the folder with all the
other mail. But when they are examined they have
a description of the current filtering settings
and options (users may need to up their filtering
from spam pings) and a ACCEPT SENDER button.
ACCEPT SENDER BUTTON
when this button is clicked the sender is
added to the address book and a reply is sent
to them saying "you can now send e-mails to
joebob@wherever"
ADDITIONAL COMPOSE MENU ITEM:
MAKE PING
Have just entry field for address and a SEND button
and has text to explain what it is and how it works
and when it shoudl be used. Like "if you've sent e-mail
and received a not allowed message then you may need to
ping them or if they're options are high enough you'll
need to need to contact them through other means."
