An article about throwing away the Internet and starting over seems a bit off. First, it complains about spam and suggests that we need to throw the Internet away to combat spam. Aside from the need to politely ask the global economy to grind to a halt for bug fixes, this really seems like a case of pulling out the ICBMs to hunt cock roaches. While I admittedly don't know much about the adminstrative side of things, I don't see why adopting a new email protocol requires scrapping the 'Net.
The author also wrote "Conversely, whitelisting would become easier because you could whitelist users based on their certificates, not based on a from: address that is easily spoofed."
Yes, the from: address is easily spoofed. If you spoof email to me from my friends and I have a whitelist in place that allows those through, you can spam me. Now imagine trying to send out 10,000,000 with my friends email addresses. If everyone had whitelists, that spam would be useless and thus not cost-effective. Spammers would have to try to figure out not just how to spoof headers, but how to figure out which email addresses large percentages of users are going to allow through. I don't imagine enough overlap that this would make spamming cost-effective.
Suppose I need to send an e-mail to a couple of hundred OSCON speakers or to a few thousand newsletter subscribers. I don't have time to deal with each individual whitelist request. If I automated it, though, what's to stop a spammer from doing the same?
The same goes for every micropayment system I've heard proposed in conjunction with e-mail. A lot of these proposals work fine if you only ever talk to a handful of people. There are quite a few people like me who have genuine business reasons to talk to lots of people.
Re:Whitelists Aren't The Complete Answer
rob_au on 2003-04-22T12:43:24
There is a good paper discussing different guarded email systems online at http://www.dwheeler.com/guarded-email/guarded-email.html.Re:Whitelists Aren't The Complete Answer
inkdroid on 2003-04-24T16:56:28
From here:"If you're sending an email, Bluebottle automatically adds the recipient's address to your allowed list to avoid a request being sent when they reply."
So chromatic would automatically whitelist his recipients when he sent the email. That's actually pretty cool.
That having been said, this system has been receiving a fair amount of press here in Australia (1, 2) and promises to provide quite a functional alternative for spam control and from an "insiders' perspective" can definitively say that there are some very interesting improvements currently under development.
laws..
htoug on 2003-04-25T07:11:24
We have a law that forbids spam here in Denmark, it is a part of a EU legislation AFAIK. I have notified the local 'folkeregister' (the office where they keep tabs on you, your whereabouts, why you are married to etc) that I do not want any unsolicited mails, either normal, e- or by phone. There is a fairly stiff penalty for breaking the law - I complained to a local bank who (due to an error in their filtering programmes) sent me an ad for their fine new something-or-other, and they excused profusely and sent me a couple of bottles of wine in compensation [now if I just had a sip for every spam I have recieved from abroad - ouch my liver;-]
If this was implemented world-wide, the savings of bandwith would be enormous. Of course it would have to be so that I could just complain to my local authorities, who would take care of prosecuting etc.
SNAP - wkae up stoopid! You are daydreaming again!
