ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] Proposal ....

2003-03-12 11:43:18
from [Art Pollard] [Permanent Link]
I recently made a proposal over at slashdot which seemed to garner a fair amount of support. 

It is this:
When the mail client sends a message, it only goes as far as their local mail server. The local mail server stores the body of the message and then sends the header on to the recipient with a ID through which the body may be picked up.
When the header arrives at the destination, the client on the other side downloads the body of the message from the specified host. 

There are a variety of advantages to a system such as this including:
1) There is a server which is responsible for the message that may be tracked down. Forging headers (as spammers now do) will not hide the origins of the message.
2) The system administrator on the other end will have time to "cancel" the message before it arrives at most of the recipients mailboxes. (i.e., the sysadmin looks and George has 20,000,000 messages in the outbox waiting to be picked up. The sysadmin looks at the messages, sees they are spam, then he nukes them.)
3) If the messages are nuked before they are picked up, the message header is simply thrown away by the mail client or written to a log or put in a special mailbox or ... in either case, it is totally transparent to the end user and the end user never even knows they have been spammed. 

Given this: It would also be possible to develop a self moderation capability.
For example, the sending server has a specific port or reporting mechanism and given a: 1) Server ID, 2) User ID, 3) Message ID that is sent to it in a "Spam Report" it could verify that the message had actually been sent by the user specified and if so could flag it to the sysadmin. Furthermore, if N spam complaints came in for verified messages for a specified user in a given period, the account could be automatically put on hold until cleared by the sysadmin.
Also, since there is a server which is directly responsible for the message, it would be easy to automatically add the server or server/user to a blacklist. Messages from servers that are blacklisted would simply be thrown away -- again transparently to the user.
I personally don't believe that any one scheme is going to win the battle against spam. What we need to do is create a framework each node of which reinforces all the other nodes in the framework and makes it progressively more difficult for spammers to conduct their business. 

-Art
--
Art Pollard
http://www.lextek.com/
Suppliers of High Performance Text Retrieval Engines.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Asrg] Random thought, Jason Hihn
Next by Date:  RE: [Asrg] RE: You say tomato, I say authentication, Hallam-Baker, Phillip
Previous by Thread:  [Asrg] RE: You say tomato, I say authentication, Raymie Stata
Next by Thread:  RE: [Asrg] Proposal ...., Jason Hihn
Indexes:  [Date] [Thread] [Top] [All Lists]