I don't see any incentives there for CNN to change its current practices.
Were you planning to just send them money? Or did you figure that
they would assign programmers to work on changing their current
mailing list practices and software to fit your scheme just because
it will seem like fun?
Jesus Christ this list is filled with stupid. Do you guys effectively
argue anything or do you only skim over messages and point out your own
ignorance? I've completely outlined the method I was proposing and only
about half of the responses I received were intelligent. The other half of
the responses were either completely ignorant or a thread fracture debating
how public keys work.
Have you guys ever thought about what happens if you truly do find an
original idea that would eliminate SPAM? What if it wasn't 100% backwards
compatible with sendmail? Do you guys have any sort of plan on how to roll
out such a solution across the Internet? My guess as to why this group is
so ineffectual is because there are too many voices spouting opinions and
not enough organization. You repeatedly get people talking about building
a trust infrastructure, better ways to filter, a universal black list, a
new law to govern SPAM, a rating systems, or re-implementing Finger? None
of these ideas work. You will never build a trust infrastructure. You
will never be able to filter 100% effectively. You will never be able to
create a universal black list. You will never be able to get a effectual
rating system working. Creating laws will never solve the problem because
it is too easy to anonymously send E-Mail, or send it from a different
country. Re-implementing finger? That's the stupidest thing I've ever heard.
The fact of the matter is: The current SMTP/POP/IMAP protocols were built
on the idea of a trusting network. When you allow people who abuse these
protocols to access them, you're lost. You will never get SMTP to work in
a way that prevents it from being abused. You will never get filters to
work 100% effectively because one man's SPAM is another man's free
vacation. The only way to get E-Mail to work in an effective an un-abused
manner is to implement a new protocol. The faster this is realized, the
faster a solution will be found.
You need a *new* protocol that does not have a central location to provide
proof of identity.
You need a way to prove identity peer to peer in a sense.
You need a way to either identify SPAMmers 100% of the time and stop them,
or identify them most of the time and slow them down. Identifying them
100% of the time is probably not feasible, so you can't try and stop
them. Identifying them most of the time with occasional false-positives
and slowing these down is probably a better way to do things.
A good way to identify SPAMmers most of the time would be through the use
of a white list of digital signatures. If someone is on your white list,
they are not a spammer. If they are not on your list, they're probably a
SPAMmer and need to be slowed down until they are placed on your white list.
You need a good way to slow down spammers in a way that does not imply
trust and does not bog down the network or server. You need a way to slow
down the sending client in a way that's scaleable, voluntary, and
uncircumventable.
A good way to slow the client down is to make the client perform a task
that uses CPU time. This task needs some way of proving that the CPU time
was invested by the client before the mail is able to be sent. The only
way to circumvent this task would be to apply more CPU power to solving
this task which would imply more money invested. If the task is scaleable
to easily consume more CPU power, investing more money in CPU power would
become less economically feasible and SPAMming would no longer be a viable
business practice.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg