We Can’t Get Rid Of Spam
Ed Sperling, 06.28.10, 06:00 AM EDT
*** begin quote ***
After nearly 15 years of filling inboxes with electronic garbage, the problem only seems to be getting worse.
Spam may well be one of those IT problems that never completely goes away, like rust on a ship. There are filters and services that can keep it to a manageable level, but even those don’t get rid of the problem entirely. Some of it still creeps through spam blockers, ultimately costing companies sizable amounts of money in terms of storage and employee productivity that is used to read it and delete it.
*** end quote ***
>We can’t get rid of spam
Sorry, but I disagree. And, with that type of attitude, we will never be rid of it.
Let’s start with the basic features of the internet.
IPv4 doesn’t FORCE full authentication. IPv6 moves us along. No one is really pushing IPv6.
The mail protocol has no real authentication.
Now on to the details. The Peering Points have no economic interest in stopping SPAM or creating a feedback mechanism. The ISPs have some half-hearted “committees” working on “solutions”. (Note, when one domain was cut off spam dropped dramatically, but it was reconnected. Someone’s pocket book get hit?)
BUT, any assumption that “it can’t cured” is a self-fulfilling prophecy.
Like the “user’s chronological age” problem, (i.e., how does a website KNOW there’s a child at the other end of the wire), this solution to SPAM is TOTALLY within the ISP’s control.
(1) Implement a fully authenticate email protocol. (SMTP has served well for decades; time for a face lift.) Turn the smart folks loose on the problem.
(2) End free email service. “Stamps” for email sent and received are essentially micropayments for cryptographic keys.
(3) If the User gets spam, give them a feedback loop to get their money back. That gives the ISP the trail. (Wall Street and most businesses can handle “chargebacks”.) Get after the various ISPs and Websites with email, that pass spam, with a big club — additional expense!
(I have to laugh when I get spam on Yahoo that purports to originate FROM a Yahoo email address. Yahoo doesn’t even bother to parse it’s own email. If the email purports to have originated from within it’s own domain, why is it coming in from the outside. That should be an easy fix.)
(4) Implement a PKI infrastructure and than you know who sent it and can come down hard on that person. Why should email be like writing on a postcard? Could it be that there are economic advantages to allowing snooping?
The software vendor’s are not immune to criticism in this mess. They put out OS and Applications software that buggy and allows this mess to continue.
IMHO, this SHOULD BE a solved problem.
# # # # #