ietf-smtp

New incompatible Tricks promotes change

2007-12-06 03:28:01

Doug,

Change promotes chaos which strives for equilibrium which instigates a new round of survival of the fittest, deviation and imperfection, thus the cycle begins again.

Trick XYZ requires change like any other trick. If change is what we want, IMO your particular trick no longer applies - there are by far simpler solutions.

SMTP v3.0 needs registration and enforcement ideas. That's all - two fundamental ideas that we are very careful not to revisit again.

What we have today is akin to a filtration by osmosis process. If you don't fit a certain size or shape, you are filtered. In an organic world, those filtered can adapt to the attributes required.

The typical problem is that the osmosis filters get clogged up, which can increase pressure and slow down the flow rates.

One typical solution is to use special desirable chemical/DNA markings that can be detected, thus allowing for an affinity, chemical or electromagnetism-based separation.

This allows for multiple streams of osmosis filters: One group for special DNS markings and another group for the rest.

Of course, in a living organic world, adaptation with the DNA markings is possible, so now we institute a control process for the feed containing DNA markings.

To help accelerate the process, only special DNA markings will be used which are compatible with our special, trade-secret catalyst injections, for which the DNA has an affinity, changing their DNA state to one of higher quality and offering even better filtration by osmosis.

I knew I could apply my old chemical engineering training to something :-)

--
Hector Santos, CTO
http://www.santronics.com



Douglas Otis wrote:


On Dec 5, 2007, at 6:51 PM, John C Klensin wrote:

This type of reasoning is exactly the reason why some of us are skeptical about greylisting and any other technique that works well only if it is used by sufficiently few people. If it starts being used enough, the spammers have the incentive to figure out how to simulate the behavior that gets past the traps and then, sooner or later, it isn't worth bothering with. The skepticism leads some of us to wander away from conversations about how wonderfully effective the technique is while muttering "arms race". Others wander off in a slightly different direction muttering "making the bad guys smarter is really not a good strategy".

At least the first of those sources of muttering noises does not suggest that you shouldn't use a method that works for you as long as it does work for you (others might disagree about that). It does mean, I think, that you should be somewhat careful about praising the method to others or assuming that it will last forever. And then there is the part I worry about most, which is that we will make basic changes to the email protocols in order to make things work better, for a short time, for these relatively short-life-expectancy techniques.

SMTP's inability to reliably identify where a message originated has caused inordinate reliance on content filtering. While at first, content filtering had been fairly effective, this in turn has caused spammers to improve their obfuscation techniques at a rate that has become impractical for receivers to match with resources.

For each direct source of spam, there are 4 sources of spam emerging from tens of millions of MTAs as DSNs. The abuse of DSNs is seriously eroding email's integrity.

Few MTAs can operate and accept messages for all recipients. The inability of MTAs to handle all possible traffic exposes valid recipients to being discovered.

Providers of domain names, IP addresses, or certificates have a conflict of interest, and are unable to prevent access to spammers.

SMTP can not even mandate the use of an MX record to avoid searching for policy records.

Reputation assessments of the last hop IP address are causing spammers to merge their traffic with other domains. Often this merging is accomplished through compromised residential systems. The doubling rate is at six months, quickly making last hop reputation assessments less meaningful.

While DKIM attempts to provide essential transport information, it is also prone to replay abuse and employs public key cryptography where sign-once / send-many gives transmitters a resource advantage.

Grey-listing does not afford any long term strategy. However, the use of temp errors can help avoid a complete denial of service as a triage strategy for limited receiver resources. Reputation is then used to establish priority. Processing undesired messages can exceed 99% at very high volumes. This is not how the Internet should work. A basic change to SMTP is needed to shift the burden toward the transmitter. Greylisting increases the number of transactions per message, so ultimately, this is headed in the wrong direction.

The TBR reference exchange can be done within a single transaction. The transmitter is required to hold messages until the receiver is ready. With a high level of source granularity, message origination reputation should be able to match the transmitter's level of abuse and not breed super spam. References can be retained for a period of time, where abuse patterns can be detected and used to silently expunge abusive sources.

-Doug
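For readers unfamiliar with the mechanism the thread is arguing about, the following is an added example (not code from any participant in this thread) of the usual triplet-keyed greylisting decision, written in Python. It assumes a 5-minute minimum delay, a 4-hour retry window, and constructed client IPs and addresses; the point it makes concrete is the one Doug raises above: every deferred attempt is an extra SMTP transaction, a fire-and-forget bot never retries, and a spammer that learns to retry is indistinguishable from a well-behaved MTA.

```python
"""Triplet greylisting as a receiver triage step (constructed example)."""
from dataclasses import dataclass, field
from typing import Dict, Tuple

# Greylisting keys on (client IP, MAIL FROM, RCPT TO); a legitimate MTA that
# receives a 4xx reply queues the message and retries the same triplet later.
Triplet = Tuple[str, str, str]


@dataclass
class Greylist:
    min_delay: int = 300                 # assumed: retry accepted after 5 min
    max_wait: int = 4 * 3600             # assumed: pending entry expires after 4 h
    allow_ttl: int = 36 * 24 * 3600      # assumed: known-good triplet kept 36 days
    pending: Dict[Triplet, int] = field(default_factory=dict)   # first-seen time
    allowed: Dict[Triplet, int] = field(default_factory=dict)   # expiry time
    transactions: int = 0                # every delivery attempt, accepted or not

    def decide(self, triplet: Triplet, now: int) -> str:
        """Return the SMTP reply for one delivery attempt at time `now`."""
        self.transactions += 1
        expiry = self.allowed.get(triplet)
        if expiry is not None and now < expiry:
            return "250 OK"
        seen = self.pending.get(triplet)
        if seen is None or now - seen > self.max_wait:
            # Never seen (or the earlier attempt was abandoned): defer and record.
            self.pending[triplet] = now
            return "451 4.7.1 Greylisted, try again later"
        if now - seen < self.min_delay:
            # Retried too quickly to be a normal queue run; keep deferring.
            return "451 4.7.1 Greylisted, retry too soon"
        # Retry inside the window: promote to the allow list.
        self.allowed[triplet] = now + self.allow_ttl
        del self.pending[triplet]
        return "250 OK"


def run_demo() -> dict:
    """Three constructed senders against one greylisting receiver."""
    gl = Greylist()
    legit = ("192.0.2.10", "alice@example.org", "bob@example.net")     # real MTA
    bot = ("198.51.100.7", "promo@example.com", "bob@example.net")     # never retries
    spammer = ("203.0.113.5", "deal@example.com", "bob@example.net")   # learned to retry

    results = {
        "legit_first": gl.decide(legit, 0),
        "legit_too_soon": gl.decide(legit, 60),
        "legit_retry": gl.decide(legit, 900),        # standard 15-minute requeue
        "legit_later_msg": gl.decide(legit, 5000),   # next message: allow-listed
        "bot_once": gl.decide(bot, 0),
        "spammer_first": gl.decide(spammer, 0),
        "spammer_retry": gl.decide(spammer, 600),    # retry beats the trap
    }
    accepted = sum(1 for r in results.values() if r.startswith("250"))
    results["accepted"] = accepted
    results["transactions"] = gl.transactions
    return results


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k:16} {v}")
```

Four messages were offered; three were accepted at the cost of seven transactions, and the only one stopped outright was the sender that did not bother to retry. The min_delay check is why a spammer cannot simply resend immediately, but as soon as retry-after-N-minutes is built into the sending software the defence costs the receiver transactions and stops nothing.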