We certainly had a good discussion on using RMX. However, there is one
issue that has been bugging me that was not mentioned. With the current
SMTP system it is very easy to send anonymous email. However, what will
happen if RMX is used? RMX is designed to authenticate the domain of the
sender, not the actual user so it is still possible to use a proxy to send
the email for you. A mixmaster anonymous remailer or a web mail account
that was created through www.anonymizer.com can still be used to send email
as long as their domains have RMX records.
However, ask yourselves this question: how long will it take until spammers
will start using anonymous mixmaster remailers? Even though one individual
remailer might be capable to detecting incoming spam, if multiple remailers
are used that would be impossible. If spammers now are capable of using
multiple IP addresses and gateways, then they can certainly use multiple
remailers. If that happens, how long will it take the rest of the Internet
community to blacklist the remailers? At the present time it is much easier
for spammers to utilize open relays and SMTP gateways rather then mixmaster
remailers so they are not used. However, if that avenue is closed they will
be forced to use any tools available including remailers. It is rather
surprising that they have not been used widely so far. In the future, if
the RMX system is deployed how long will it take until those domains are
blacklisted?
With this in mind, consider if we want to "kill" anonymous email. Even the
postal system still allows mail to be sent anonymously as long as the
postage is paid. Even though people might argue that it is worth to lose
privacy versus having spam, I am not so sure. We need to draw a balance here.
Nevertheless, even with anonymous remailers gone, there are still many
other options open like webmail accounts, HushMail, etc. But just like the
people desiring privacy will turn to those, so will the spammers. Without
some inherent antispam tools in webmail accounts, those domains will become
blacklisted eventually as well. We must keep in mind privacy concerns when
developing any anti-spam system.
---------------------------------------------------------------------------------------------------
Yakov Shafranovich / <research(_at_)solidmatrix(_dot_)com>
SolidMatrix Research, a division of SolidMatrix Technologies, Inc.
---------------------------------------------------------------------------------------------------
"One who watches the wind will never sow, and one who keeps his eyes on
the clouds will never reap" (Ecclesiastes 11:4)
---------------------------------------------------------------------------------------------------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg