Marc Perkel wrote:
Spam is never eliminated - just reduced. Most spam comes from virus
infected zombies that talk SMTP. If end users were by default set up so
that they can only send email by IMAP then you can block off SMTP ports
for end users isolating them from the SMTP world. That would take a huge
bite out of the spam problem.
For about a day. Spam software writers aren't stupid. All the standards
that would be necessary for this kind of system to work on a broad scale
would have to be open. By the time you got every ISP in one slice of the
world to do this, then this will be exploited. My own home ISP had this
happen to them. Bellsouth (in my area at least) blocked both 25 out and
25 in. We had to send through Bellsouth's mail server. At first it was
configured as an open relay for their customers. Then you had to
authenticate. After they enabled authentication, I haven't seen a single
Bellsouth DSL originating email spam (from the res blocks.) If others
have, chime in. But from what I see, this works. It did anger me at
first because they didn't tell their customers, and when directly asked
they denied doing such (maybe just their help desk drones didn't know.)
Anyway. Block 25, require auth to the isp's server. Done. SMTP-AUTH
would be EXACTLY the same as what you purpose. Here's an idea. Quit
waisting your time here. You haven't found any supporters here. Try
security lists. Write a letter to your ISP, your friend's ISP, your
place of business's ISP and see what they say. I bet they'll say "Not
feasible -- SMTP-AUTH works just fine"
--
Thanks,
James
