h a l f b a k e r yFewer ducks than estimates indicate.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
I have many ideas on how to do this, but
since it generally involves rejecting all
standard email formats, and accepting
certain arbitrary ones, it's good only
for small groups.
Unfortunately, small groups would have
trouble designing the Weirdmail formats,
and connecting themselves to others
they
want to communicate with. They'd
have to be able to send a specification
that would enable email clients to translate
between formats.
But on the other side, spammers would not
bother hacking everyone's own kind of email,
because everyone could change it at will.
Spam can not be stopped any more by
responding to it. Only by filtering it,
or circumventing the channels it comes through.
One standard-compatible method may be,
distributable keys to changeable locks on
your mail box. But email clients must block
messages without valid keys. And we'd have
to all make up our own lists of keys and who
we gave them to. That would be annoying
but at least we'd know who gave one of our keys to
a spammer. The email client should remember them
and whose they are.
The keys, being personal and clever, could hinder
brute force hacking. Example keys:
4-BETTY-FULLMOON-96CAMRY-MET022899-FUNKEY
AND24-THE-BANK-AND24-2003AD-PINKSWINESLOT
One more idea. Everyone uses PGP or something all the time. That way key sniffing is hindered.
Please log in.
If you're not logged in,
you can see what this page
looks like, but you will
not be able to add anything.
Annotation:
|
|
But eliminating spam from a
defined, organised group of
people is easy and there are much
easier ways of doing it that coming
up with some whacky email
format. You might, for example,
arrange that everyone rejects all
mail without the string
"qwerty123" in the subject. |
|
|
If I saw qwerty123 in the subject then it would look like spam. Most spam I get has random letters or words in it these days. I'd like to know what the subject is. qwerty123 could be a key, though, on one of the first lines of the message, I guess. |
|
|
Actually, the "querty123" method works quite well, but is best used with logical tags. I have a hotmail email acount that gets so much spam I set it to autodelete everything unless it is from someone on the safe list. However, the filtering tools still work, so if I set it to move any email with a subject starting in "xxx" to my inbox, it will accept such email from people not on my safe list. |
|
|
So any time I post in a public forum and I want people to be able to contact me, I give that email address and tell people to start the subject with "xxx" to avoid having the email deleted as spam. For example, if I wanted anyone from the halfbakery to contact me, I'd probably say to include "halfbakery:" at the start of the subject line. Seeing that at the start of the subject is actually useful because it helps classify the importance of the message as well. |
|
|
Of course if this ever becomes a really common practice, it will be slightly less useful as email address harvesters may attempt to harvest subject lines as well as email addresses, but even then, I can deactive any of the subject tags and only have to update contact info with one group of people. |
|
|
I don't like your examples, because they're unnecessarily weird, but the basic idea is sound and can be easily implemented in ways other than those already described by others. |
|
|
One implementation choice can include accepting your "weird" mail on a different incoming SMTP port (instead of TCP port 25). |
|
|
So anyone wanting to keep all their email software but wanting to receive only "weird" mail (or perhaps not filter it as aggressively as ordinary email coming in from the wild) from friends can set up an SMTP server on, say, port 999 and tell friends "to email me pronto, configure your outgoing email to my site to use my port 999". |
|
|
The most realistic solution to the
problem in my view is phasing into
mandatory SMTP authentication for all
senders, so their source can be verified.
Probably something similar to SSL
certificate authorities today. Make it a
required part of every mail transaction
via RFCs - in a staged way. Sources of
the majority of spam would be
traceable, and this alone would
probably cut spam by 90% or more.
Email privacy and encryption should be
addressed separately, and there are
already good solutions in this area. |
|
| |