Doug's Inner Net News
News and views from a software developer's perspective
Wednesday, July 10, 2002
There are other techniques for fighting spam. I would like to see a trusted network that runs parallel to the port 25 SMTP network. The trusted network could also use SMTP as the protocol. The difference would be that the trusted network would have controlled access points -- namely, that the MTAs all share a whitelist of other MTAs and MSAs, and all submission occurs through a known MSA (that's Mail Submission Agent). This is not much different than what we have for Internet mail now. Many ISPs require that you submit mail through their mail servers (MSAs). The difference would be the controlled access throughout, which means that if there is spam, one can determine with a high degree of certainty where that spam originated. And that means there is some degree of accountability. Finally, since this trusted network would be run in parallel with the old SMTP network (port 25), that means we could still have the old system for casual use. The trusted system could be used for business. MUAs (Mail User Agents) could support both the trusted network and the untrusted network, and allow users to have mail from the untrusted network to be deposited into a special, low-priority inbox.
News and views from a software developer's perspective
Wednesday, July 10, 2002There are other techniques for fighting spam. I would like to see a trusted network that runs parallel to the port 25 SMTP network. The trusted network could also use SMTP as the protocol. The difference would be that the trusted network would have controlled access points -- namely, that the MTAs all share a whitelist of other MTAs and MSAs, and all submission occurs through a known MSA (that's Mail Submission Agent). This is not much different than what we have for Internet mail now. Many ISPs require that you submit mail through their mail servers (MSAs). The difference would be the controlled access throughout, which means that if there is spam, one can determine with a high degree of certainty where that spam originated. And that means there is some degree of accountability. Finally, since this trusted network would be run in parallel with the old SMTP network (port 25), that means we could still have the old system for casual use. The trusted system could be used for business. MUAs (Mail User Agents) could support both the trusted network and the untrusted network, and allow users to have mail from the untrusted network to be deposited into a special, low-priority inbox.
10:11:56 AM 
Jon Udell has a good article on Palladium and trust. He remarks that trust is a good way to curb spam. He's right.
But what about other ways to build trust. I still think the whitelist idea is good. The whitelist contains mail addresses that I will accept mail from. If I get an email from an address that is not on the whitelist, then my system automatically sends a response back to that address and tells the sender how to get on the whitelist. What I really like about the whitelist idea, is that it means you only get mail from humans. I hate getting mail from machines.
9:58:12 AM