SendMail CTO Sounds Off On Spam and FTC

CowboyRobot writes "Eric Allman takes his well-deserved turn in commenting on the state of spam, the dark future, and the need for intervention. He calls spam an "arms race" where "in the long run everyone loses (except the arms dealers)." As you might imagine, he's on our side, and he does a good job of clearly describing the current state of spam, and the possible solutions."

The more I think about it......

[The+One+KEA]

....the more I realize that no amount of technology or legislation is ever going to completely eradicate spam from our lives. More and more it seems to me that the only way we can get rid of spam is through educating the next generation of Internet users to ignore it.

Spammers spam because they make money. Educate people to ignore spam, and the spammers don't make money. Bingo, no more spam!

I know it sounds like a pipe dream, but what other options are there?

Secure email protocols won't help.

It sounds like a good idea on the surface, but it won't work.

I got hit by a spammer last week who was changing his host names every couple of messages. And not just on the envelope - he was changing 'em in DNS because he had his own nameserver! He got shut down by the mid-level carrier after about 12 hours, during which my servers received thousands of messages that I had to block by IP. Today, though, I am getting the same stuff, now coming from a cracked cable-modem user.

Hundreds of the spams that hit here every day are sent from cracked systems connected to Comcast, RoadRunner, and Verizon DSL.

If you allow anyone to send mail, regardless of how that mail is encrypted or secured, the spammers will find a way to illegally take advantage of that legitimate mailserver and send their trash.

This is because they are criminals. Not "legitimate businessmen" and not "entrepreneurs exercising their freedom of speech". Criminals who purchase accounts with stolen credit card numbers and move on as soon as an ISP shuts them down.

Person to person communication in the future

[Filik]

Darn, article got slashdotted before I could read it, so this reply is just general musings.

The spam problem has to do with the whole future of person to person communication, as well as the whole future of adverticement. Whichever way it will be solved, a very likely outcome is that in 10 years it will no longer be possible in any way to get in touch with someone you don't already know from outside the Internet, and the first decade of Internet will be looked back upon with nostalgia as the only decade of totally free communication. This is because the real problem lies in the initial contact.

You might argue that we can still communicate via boards, chat channels and similar things, where you can give out crypt-keys to those you wish to continue communicating with, but remember that these will be the next target for adverticing after open email collapses. I'm sure adverticers will even write AI's to simulate people so that they can lure the crypt-keys from innocents.

Re:I like the idea

[aborchers]

Even if most spam does currently originate in America, if the U.S. somehow passes and enforces an effective anti-spam law, there is effectively zero cost involved in these spammers moving there business out of the States and still spamming Americans.

As much as I find balkanizing the network to be philosophically repugnant, there is a second step that is not often discussed in the context of US legislation against spam.

Once spam is banned in the US, we (the network operators) have to block traffic from netblocks assigned to countries that are friendly to spam. The legitimate business and communications needs of those countries will then drive them to enact their own anti-spam policies to get off the block lists. If their only need for the network is to send spam, then they will soon find themselves isolated and ineffective.

I don't like it, but to me it looks more and more like the lesser of evils...