Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Anti-Spam Research Group's Plan for Spam

Posted by michael on from the bit-bucket dept.

egoff writes "Speaking of standards, the ASRG, a member of the IETF, has a plan for "consent-based communications." Among the suggestions, according to Internet Week, are authentication services for falsified addresses, trusted senders, reputation systems (karma?), opt-out tools, best practices for challenge/response, and even a proposal for micropayments on unwanted mail. Instead of defining spam, the ASRG wants to provide administrators and users the tools necessary to avoid what they consider to be unwanted. One of the tools, Reverse MX, is expected to be in place in several months. It would allow the receiving mail server to query a domain to determine if the sending server is allowed to send on its behalf."

10 of 225 comments (clear)

  1. THAT would be very useful... by WCMI92 · · Score: 5, Interesting

    "One of the tools, Reverse MX, is expected to be in place in several months. It would allow the receiving mail server to query a domain to determine if the sending server is allowed to send on its behalf."

    This would more or less force spammers to send from their own domains... Or from ISP's that are spam friendly.

    It might not STOP spam (though blacklisting would be easier), but it'd make it traceable...

    Which would make it easier to file complaints under the anti spam laws.

    --
    Corporatism != Free Market
    1. Re:THAT would be very useful... by keli · · Score: 5, Insightful

      ... but how would you tell the difference? And you would still be able to use your email address as an identifier from anywhere, provided that you use the correct mail server.

      It would also be very convenient if you could change the caller-ID of the phone you are dialling from to your home phone number, when dialling from a friend's house or from work...

  2. Cooperate and I'll Read by AvantLegion · · Score: 5, Interesting
    You know, I wouldn't mind receiving advertisements in email if:

    1. They were about things I gave a damn about
    2. They were marked (like ADV:) for easy filtering

    What bothers me about spam are the violations of those two. I don't want emails about printer toner, or bigger schlongs. And I don't like having ads clutter up my inbox, where email from people I know and such belongs.

    But if I could filter it all into an "Ads" mailbox, just like I have mailboxes for various mailing lists, I would scan the offers about stuff I might actually want. I'd be much more inclined to "click through" then, while my all-time number of click-throughs of spam email to date totals 0.

    1. Re:Cooperate and I'll Read by Eggplant62 · · Score: 5, Insightful
      But if I could filter it all into an "Ads" mailbox, just like I have mailboxes for various mailing lists, I would scan the offers about stuff I might actually want. I'd be much more inclined to "click through" then, while my all-time number of click-throughs of spam email to date totals 0.
      Why not just be honest. Didn't you really mean to say /dev/null? Ads mailbox my ass. IF I WANT IT IN MY MAILBOX, I'LL SIGN UP TO IT. OTHERWISE, KEEP THE FUCK OUT. Marketers don't realize that I'll allow free access to friends, relatives and anyone else I've had an existing business relationship with. All others can pay ME to use it or subsidize my ridiculously expensive internet bill, which their current efforts are what keeps it so friggin' high in the first place.

      Christ, who do you think is paying for any of this shit? US!!
  3. inevitable by falsification · · Score: 5, Interesting
    It's inevitable. E-mail as we know it is going away.

    Spam is now the enemy. It must be destroyed. Here comes the IETF to solve the problem.

    SMTP Next Generation is on its way. The only question is the exact design. The general outline is already known. First, there will be real-world verification of identity tied to every account capable of sending SMTP NG e-mail. There will be a transition period where people can sign up for "upgraded" (NG) e-mail accounts; then, a period where these "upgraded" accounts can receive e-mail from other NG accounts as well as from old, potentially anonymous accounts. Business and government users will transition to NG.

    Then, there will be an Internet-wide deadline, upon which all NG e-mail addresses will be unable to receive e-mail except from other NG addresses. All SMTP old generation traffic will be blocked. The old base of mail users will be forced to transition to SMTP NG. At this point, if there is ever a complaint about spam, the spammer can be tracked down and booted off Internet e-mail forever. As a result, spam will cease to exist.

    The day the Internet died. Sure, it will be more "efficient" then. No spam. But it won't be free.

    Don't cry about it. It happens to all technology. Those who need anonymous communications will just move to something else. Maybe web-based discussion, for example. Just no more truly private, truly anonymous, or truly free e-mail.

    Coming soon to your neighborhood.

    1. Re:inevitable by bobbozzo · · Score: 5, Insightful
      Just no more truly private, truly anonymous, or truly free e-mail.

      E-Mail isn't anonymous, and never has been, (your IP is traceable back to you) unless you use an anonymous remailer.

      If SMTP2 or whatever is successfull, then people will make anonymous remailers for it.

      --
      Nothing to see here; Move along.
  4. Great article on RMX by mfago · · Score: 5, Informative

    Great write-up on RMX, brought to you by the same guy who came up with an easy way to snapshot.

  5. Short lived phenomenon by ObviousGuy · · Score: 5, Interesting

    Spam is simply not profitable enough to last much longer. It is the last of a dying breed of pioneering Internet money-making schemes like the pyramid scheme emails and banner ads. Eventually the spammers will move on to other means of money making because their revenue is guaranteed to drop off as their tactics turn more and more people off.

    Instead of fighting the good fight here, the best thing to do is let this dying ember peter out on its own. Forcing spammers to use more drastic tactics just results in them doing more harm in the long run. If there had been no resistance at all, we'd probably be seeing a much more mature and respectable online advertising industry instead of the random, haphazard, and very annoying multitude of spam king wannabes downloading their spam kits and setting up shop.

    --
    I have been pwned because my /. password was too easy to guess.
  6. Paul Vixie proposed something like this by dvanduzer · · Score: 5, Informative

    The original discussion on Nanog can be found here or perhaps here. He originally had the proposal on his site (dead link) but he seems to have taken the page down, and I don't see any reference to him contributing to this draft.

  7. Hidden Features by Voivod · · Score: 5, Insightful

    Mail agents like Mozilla will have to become more sophisticated about what mail relays they use when sending mail. Suddenly it's not okay to send both your personal e-mail and your work-from-home e-mail through your DSL ISP's mail server since your work domain DNS will claim no relationship with your DSL ISP's server.

    Could Mozilla use RMX to determine on the fly what relay to use? It sees that you're sending from a @slashdot.org address, so it does an RMX lookup on slashdot.org and discovers the IP of all the relays for that address. Ah, a nice clean new standard... the desire to abuse it is overwhelming. :-)

    An ironic side effect is that mail administrators are going to have to open up more holes in their relays. Your users can't just bounce mail off their random ISPs anymore. They have to use the real corporate mailserver now, which means you can't just lock things down by IP address such that only internal corporate users can use the relay.