-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 17 August 2004 10:12 am, Fridrik Skulason wrote:
Combined with legal means, ISPs restricting outgoing traffic, and
a real-time blacklist, you could eliminate much of the spam, but
not all - compromised machines are a problem in most scenarios.
What will happen is those people who refuse to secure their networks will
get a bad reputation. For instance, suppose Amazon (or Microsoft, or any
major corporation on the internet) gets infected with a spammy worm. If the
company doesn't move to immediately stop the worm, or if it leaves itself
to infection time and again, then people won't trust mail coming from that
company as much as email coming from a company that takes extra precaution
to ensure that it doesn't get infected with spammy worms.
In the end, you will be filtering irresponsible companies' mail, checking
for the latest worm, but you won't be filtering responsible companies' mail
because they won't have a history of sending out worms. The sender pays by
either cleaning up their network or by losing the occasional authentic
email to filters. That's the practical aspect.
Don't underestimate the power of public opinion. If company A had a
reputation for being worm infected, but company B always kept their act
clean, which one would you trust with your business? In other words, when
we start tracking down who's sending these worms and not securing
themselves, there will be even more incentive to clean up their act.
- --
Jonathan M. Gardner
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFBI5TDBFeYcclU5Q0RAo5KAKCO9DvvOhcxtEfpTgkzie0bPlo4ZACdEMgp
XvgOn3s17CF+P2tp52Q/01M=
=4VGf
-----END PGP SIGNATURE-----