ietf-mxcomp

Re: FTC stuff 0) Lies 1)Yahoo & DK. 2)GoDaddy DNS & SPF & CSV. 3)Dean & FUSSP. 4)Testing 5)EFF, Anonymity.

2004-11-20 07:21:47

Matthew Elvey <matthew(_at_)elvey(_dot_)com> wrote:
1) What has failed to happen so far is sufficient bench testing.  Why 
test something in the field when a simple lab-bench test suggests it 
won't work?  Let's consider how silly our behaviour looks when compared 
to the way cryptography schemes are developed.  A crypto scheme is 
generally announced, and actively discussed in the community.  Attacks 
are theorized and defenses are presented by the scheme's proponents, in 
extensive open discussion, long before field tests are used to see if it 
works.

  The key here is "open discussion".  The SMTP/anti-spam field
involves so many strongly emotional positions that open discussion is
rare.  On MARID, we've seen security flaws pooh-poohed.

  In cryptographic circles, the people who develop encryption schemes
accept the fact that their schemes are flawed, when provided with
proof.  The people who attack encryption schemes accept the fact that
their attacks are flawed, when provided with proof.  The goal of both
parties is to provide provable security.

  The failure of SMTP to protect from forgery, malicious bounces,
etc. is a failure of the security model of SMTP.  Until that's
analysed and fixed, all of the proposed schemes are band-aids.  And
even if they're all fixed, it will still be possible for a million
random people on the net to send you email, because that's a goal of
email.  And those people can all choose to send you spam.

  Spam will never go away.  But we can make it easier to track, and
easier to hold people accountable.

  Alan DeKok.