On Aug 2, 2006, at 1:26 PM, Marc Perkel wrote:
If SMTP becomes a server to server protocol then it will wipe out consumer virus infected spam zombies. It's not going to get rid of all spam - just most of it.
It will wipe out the _existing_ spam zombies. Then the zombies will adapt to using IMAP or POP instead. While it's true that this then presents the "they have to know the password" hurdle for the zombies, you get that same advantage by requiring SMTP-AUTH. So, by switching to requiring SMTP-AUTH you get the same exact advantage you would have gotten by switching to IMAP or POP for sending. Your method has _no_ gain over existing technology.
Your proposal is really just deferring the issue, not fixing it. You're moving the problem from one place to another, not removing the problem.
The useful part of your suggestion is "require authentication", and that can be done within SMTP. The rest of your suggestion is not really doing anything useful.
