If we want to see mechanisms that focus on the spam originators
and spammers, rather than the receiving end, focusing on people,
and especially mechanisms, that have characterized efforts for
most of the last 25 years of effort may not be the best answer.
I agree that trying to develop new approaches without
understanding the old ones would be unwise but, if one wants new
approaches, getting over-focused on the older ones may be unwise
too.
My personal view is that the ONLY way we'll get a significant and
objective removal of spam is if we have some form of central
authorisation (not authentication) system for sending email. This could
be based on DNS/client certificates/something else.
(What I mean by 'authorisation' requires a central body (or network of
central bodies) with whom you can register your email senders with
information about which IP addresses and/or domains are used. There has
to be some (small) cost in either effort, time or money to register (to
discourage abusive registrations while not preventing legitimate ones)
and so on.)
I see and (at least partially) understand the resistance to that idea,
so I wouldn't dare propose it as a solution. However...
In essence, I actually think we're moving towards that anyway, with the
big email providers (gmail, Microsoft) essentially becoming their own
ecosystem which includes a form of "authorisation" and with spam DNS
RBLs/whitelisting orgs doing stuff. But, at the moment it's happening
with no form of open discussion and with no standardisation. Maybe
accepting that it's happening and working together to get a good
standardised system would be better than pretending it's not happening
and having a disjointed mess?
--
Paul Smith Computer Services
Tel: 01484 855800
Vat No: GB 685 6987 53
Sign up for news & updates at http://www.pscs.co.uk/go/subscribe
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp