halfbakery
When the current email system was invented, few of the machines exchanging email had full-time interconnections. If machine #1 could sometimes communicate with machine #2, and #2 could sometimes communicate with #3, the protocols allowed messages to go from #1 to #3 via #2. This was a very useful ability, but is in most cases no longer necessary.
Unfortunately, the ability of email messages to be sent via several intermediate hosts makes spam practical and hard to fight, because it makes it hard to authenticate where messages really come from. If a spammer's machine claims that it has a message from goodguy@goodplace.com, it can pass the message on to other hosts who will in turn claim it came from goodguy@goodplace.com, even if the message was actually originated by the spammer.
Given that most mailboxes are connected to the Internet full time, I would suggest that it might be worthwhile to make a new compatible extension to the Internet email protocol which would use a direct-delivery paradigm. Instead of having an email client initiate a connection with its SMTP server, it would instead initiate a connection directly with the destination mailbox server. The connection would be a new sort which would indicate that the originator of the connection was in fact the originator of the message. If a connection failed, the originating machine could then decide what to do about it.
Using relays, spammers can hide their identities well enough to prevent easy statistical detection. If spammers had to initiate all emails from their real IPs, it would be much harder for them to avoid the Reaper.
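The trust boundary the post describes, as an added example that is not part of the original post: a receiving server can only vouch for the peer IP it saw on its own connection, while every older `Received` hop is written upstream and can be forged. The host names, IP addresses (documentation ranges) and messages are constructed, and `mx.example.net` is an assumed name for the receiving server.

```python
import re
from collections import Counter
from email import message_from_string

OUR_MX = "mx.example.net"  # assumed name of the receiving mailbox server
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def make_msg(received_hops, sender):
    """Build a constructed message; received_hops is listed newest first."""
    headers = "".join(f"Received: {hop}\n" for hop in received_hops)
    return message_from_string(f"{headers}From: {sender}\nSubject: test\n\nbody\n")

def verified_peer(msg):
    """IP our own server recorded for the TCP peer: the only hop we can trust."""
    for hop in msg.get_all("Received", []):
        if f"by {OUR_MX}" in hop:
            m = IP_RE.search(hop)
            return m.group(1) if m else None
    return None

def claimed_origin(msg):
    """IP in the oldest Received header: asserted upstream, so forgeable."""
    hops = msg.get_all("Received", [])
    m = IP_RE.search(hops[-1]) if hops else None
    return m.group(1) if m else None

def volume_by_peer(messages):
    """Per-IP message counts keyed on the verified peer only."""
    return Counter(verified_peer(m) for m in messages)

# Constructed sample: three messages arriving through one relay, each with a
# different (unverifiable) origin hop underneath the relay's header.
RELAYED = [
    make_msg([f"from relay.example.org ([198.51.100.7]) by {OUR_MX}",
              f"from goodplace.example ([203.0.113.{i}]) by relay.example.org"],
             "goodguy@goodplace.com")
    for i in (1, 2, 3)
]
# Constructed sample: three messages delivered directly by the originator.
DIRECT = [
    make_msg([f"from client.example.com ([192.0.2.50]) by {OUR_MX}"],
             "sender@example.com")
    for _ in range(3)
]

if __name__ == "__main__":
    print("relayed, by verified peer:", dict(volume_by_peer(RELAYED)))
    print("relayed, claimed origins: ", [claimed_origin(m) for m in RELAYED])
    print("direct, by verified peer: ", dict(volume_by_peer(DIRECT)))
```

With relaying, all volume is attributed to the relay and the origin column is whatever the upstream chose to write; with direct delivery the verified peer and the origin are the same address, which is what makes per-IP statistics meaningful.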
|
|
erm, how is this different from having a few alternative MX records, with a different PRI? with ADSL for instance, I could get mail delivered directly to my PC, or, if my PC was off, to an alternative forwarding smtp host?
P.S. reverse dns look-up is good enough.
|
|
Why do you think it is easier for the endpoint to detect the spammer than it would be for the relay? The ability to authenticate a sender is independent of who does it.
|
|
//The ability to authenticate a sender is independent of who does it.// not authenticate, but you could do things like check to see whether a sender is in your address book. Personally I'd rather leave all that stuff on someone else's server.
|
|
Congratulations! You have un-invented the Internet.
|
|
Well, un-invented a method of doing things which got around some of the limitations of the Internet in its 'early days'.
|
|
Although having direct point-to-point email connection wouldn't do a whole lot to eliminate spam (though it would slightly increase the costs to originate it, as spammers wouldn't be able to send all their emails via the highest-bandwidth relays) it would mean that spam recipients could send back hatemails secure in the knowledge they weren't blasting some innocent person whose address was forged. Enough hatemails from disgruntled spammers could form a somewhat-effective DDOS attack.
|
|
So, on your planet, spammers can be dissuaded by hate mails?
|
|
Long distance charges may apply.
|
|
Well, actually I was thinking there would be a number of possibilities. Under the current protocols, the fact that a large number of email messages are received from a particular IP address doesn't mean anything bad about the address or those messages; the address could simply be a relay that was legitimately selected as a path for sending mail. Even if a relay happens to carry a lot of spam, that doesn't necessarily mean it's misconfigured or its traffic should be blocked; it could be that there's an open relay upstream of it.
|
|
If emails had to have an authenticated source IP, then it would be much more practical to do statistical analysis on spammers and track them down. IP addresses aren't all that difficult to get, but if a spammer had to get a new IP every day it would significantly increase the cost of doing business, especially if people became reluctant to supply them.
|
|
Yes, sender/domain authentication is a good idea, but that doesn't mean that the transport needs to be point-to-point.
(You meant "point-to-point", not "peer-to-peer". Right?)
|
|
//So, on your planet, spammers can be dissuaded by hate mails?// i'd presumed (not knowing what DDOS stands for) that we were to send LOTS of hate mail. i personally would gladly send 'Lord of the Rings' in Spanish, 'War and Peace' in Swahili or some other unwieldy document in the knowledge that it would help to bugger up the spammer's day. unfortunately they are bound to know more about getting around the problem than i am.
|
|
ooh ooh, is it *something* Denial of Service?
|
|
There are several chat and voip systems that don't use servers, and ftp is already used to send files (mail) directly to another computer.
|
|
The disadvantage is that the receiver computer would have to be on, or the transmitter would not be able to connect.