.mail Domain To Eliminate Spam?

steve.m writes "The BBC are reporting on a new batch of top level domain names being submitted to ICANN for approval. By far the most interesting proposal is for a .mail TLD to register legitimate mail servers. Could this eventually be the end of spam ?" *yawn* The same old discussion, with no implementation in sight.

Only a way to extract more money from people

Give me a break, now on top of my .com .net and .org domain, I need to buy a .mail name to send mail??? I don't think so.

no solution in sight

[all+your+mwbassguy+a]

im sorry, folks, but the only thing that i see ever working is micropayments.

Re:no solution in sight

[gid13]

I still think that's a terrible idea. Aside from the cost to legitimate users, there's also the fact that snail mail spam survives, and at a much higher cost per attempt. This means the e-mail spam people can probably afford their much worse success to attempt ratio.

How?

[FalconZero]

I might have missed something, but how would changing the TLD prevent spam?
* I could still sign up for bogus accounts with www.hotmail.mail
* I can still have a poorly configured box that relays spam to www.myisp.mail

Changing the name will not fix this unless the roots of the problem are addressed, unless
it was intended that only servers with a .mail TLD be able to send mail to each other?

"That which we call a rose by any other name would smell as sweet" - William Shakespeare

Silly silly silly

[grub]

A huge amount (if not the majority) of spam comes from open relays and compromised machines which this silly idea doesn't address. A ground-up overhaul of the mail system (with authentication) is what's needed, not another level of bureaucratic nonsense.

Re:Silly silly silly

[pkey]

How would Businesses be reachable via email under your fabulous no-one-has-a-public-email-address spam solution?

Or to use the same (rather silly) metaphor, the Wal-Mart down the street has a public phone number. Does this mean Wal-Mart's phone is constantly ringing?

I am not a celebrity, in real life or on the Internet. Would you like me to forward my spam to you? I guarantee that I get more spam than Bob Barker gets phone calls.

Re:Silly silly silly

[pkey]

You are familiar with the concept of "salesmen", yes? It is very necessary for salesmen to be easily reachable. A public email address makes them easily reachable. Would you like to suggest to the salesmen where I work that they should not have public email addresses? Would you like for me to redirect the spam filtered out of the mailboxes of the salesmen to you? These are business contact addresses, by the way.

Do you figure the spiders that crawl the web and harvest email addresses are intelligent enough to be able to tell the business addresses from the personal ones?

I think it's terrific that you "get NO spam at all". I also think that the idea that getting rid of publicly-available email addresses is a solution to the problem of spam deserves Fark's [assinine] tag.

Why would I want to register under so many TLDs?

[some2]

I have not been a fan of new TLDs for some time, as it seems to promote confusion. I consider it to be more inefficient to have companyname.info, companyname.com, companyname.net, companyname.org, companyname.mail, etc.... than to just have a simple single domain name (or the three majors, org net and com), with subdomains to break out the company functions (support, sales, mail, www, ftp). It seems much more confusing to me to have companyname.mail than mail.companyname.com, and besides that, why would we possibly want to justify the cost to register our domain under several TLDs, when .com has always been enough?

I'm curious...

[Dot.Com.CEO]

If it's such a stupid / boring idea (which it properly is), why the hell is it in the front page of slashdot?

Re:I'm curious...

[swb]

So the slashbots can have something to rail against.

What's amusing/irconic about the spam debate is that any possible solution is always shot down for technical/philosophical/OSS reasons. I have yet to see a solution advocated that gets more than 25% support.

I'm personally in favor of an RICO organized-crime investigation of the spamming "industry" and its related businesses; I think if real people started going to jail for long terms, including colluding executives from "legitimate" businesses such as ISPs, banks, and other businesses supporting spammers, we'd see a real reduction in spam. It wouldn't go away completely, but it would certainly be reduced.

Re:I'm curious...

[Dot.Com.CEO]

You assume something as the basis for your thesis that is not necessarily true: that spamming is a crime. It is not. It might be obnoxious, it might even advocate illegal services or products but mass mailing is not an illegal activity, obnoxious as it is. The only realistic solution is for us geeks to install spam blockers, bayesian if possible, to as many friends' computers as possible, thus rendering mass mailings ineffective.

Interestingly enough, more and more spam seem to sieve through my spam-filters. I guess we need something better? Or is spamassassin not the dog's bollocks any longer?

hehe... comments CAN bite back...

[FortKnox]

*yawn* The same old discussion, with no implementation in site.

Sorta like making an improved moderation system on slashdot instead of ping-ponging votes around?

Two domain names

[nempo]

Great, now you're forced to own two domain names to be able to host your own email server, one .mail for *gasp* your mail and one .*** for everything else.
Why not create .ftp, .ssh and so on when you're at it.

What a great idea...

[weave]

Yet another way for domain registrars to make a new killing off of providing a tiny record in a database somewhere.

Where can I sign up for my 100 year .mail domain?

Spam

[Iberian]

The only way to elimanate spam is to hold users accountable which is neat impossible with the anonmity the internet provides so unless you want to start registering your SSN and removing your foil hats just accept it as the small price for freedom.

Prefix, not suffix, you dumbasses

[ari_j]

Now I have to get mycompany.mail to handle mail and mycompany.com for my other uses, and people will get confused because mycompany.mail and mycompany.com are not necessarily the same mycompany. Moreover, there'll be no way to tell if I am from mycompany.com when I give an address of me@mycompany.mail. Yes, you can MX mycompany.mail to handle for mycompany.com, but you could register hiscompany.mail and people might get confused and send mail to him@hiscompany.mail instead of him@hiscompany.com, totally messing with him.

This is why you're supposed to have a mail.yourcompany.com subdomain to handle mail for yourcompany.com - there's only ambiguity if mail.yourcompany.com gets hijacked or your DNS provider gets bribed into giving it to a friend for a can of Coke (that bastard).

I think the appropriate solution to spam is to hunt down everyone who buys the stuff and kill them off. When people stopped buying pet rocks, they went off the market. Kill the demand, because spammers are lowlife who will risk death to supply it if the demand is there.

Re:Prefix, not suffix, you dumbasses

[joeytmann]

ummm mail.mycompany.com wouldn't necessarily be the name of a subdomain...it, most of the time, would be be the host itself in the mycompany.com domain. Using a .mail tld could work, but the rules for getting one and making sure records are kept up would have to be strict to say the least. There shouldn't be any confusion on the email address for each domain, they still would be him@hiscompany.com. The only thing that needs to change it the MX record for hiscompany.com which would be host.hiscompany.mail. Think of the .mail TLD more of a ICANN run DNS Blackhole, except the servers there are ones you can accept from, not deny....anything else would get denied. In most of the MTA's(sendmail, exim, and other spam filtering tools) they have the ability to check outside servers(relays.ordb.org for ex) if they are open-relays or not. Its the mail admins choice to use these. I don't think it would be hard to use the .mail the same way and implement a whitelist of people not in the .mail TLD, but that is their choice and would have to be maintained like the whitelists now. Oh well....let the flaming begin.... joey

Not sure how .mail will work

[El+Cubano]

It's pretty light on details, but it seems that the two most logical applications are problematic:

1) When you register foo.{com,net,biz,org,*} you also got foo.mail as a bonus. But if one person rgisters foo.com and also gets foo.mail, what happens to the person who later registers foo.net.

2) As a possible solution to point 1, when you register foo.com you also get foo.com.mail. This just seems ugly.

Also, will it cost me another $15-$45/year to get the benefit of this new domian? What of people who choose to not porticipate?

I still fail to see what the problem is with just doing a reverse lookup on the domain's MX. It utilizes existing infrastructure and isn't as ugly as throwing in another TLD to the mix.

How about you add this to it:

[AlphaWolf_HK]

1. If the IP address of the sender doesn't resolve to a .mail domain, discard it.

2. If any server on the .mail domain is used for spam, the name shall be terminated.

3. Set up a strict set of rules that define what is spam and what isn't, and all who are registered with a .mail domain must follow these rules, lest they be terminated as well.

Re:Why would I want to register under so many TLDs

but not selling 30 or more domain names to each company makes much less money for the registrars..

the whole thing is driven by greed, and it is EXACTLY what the creators of the internet said would happen as soon as greedy asshats got their hands on it.

anyone want to start Internet 1.5? create a wrapper protocol to run a real internet on top of the current mess?

Re:Obligatory spam solution rejection form

[spellraiser]

Um - call be crazy, but it seems to me that the linked article does not actually propose any solution/technology to fight spam. It's about possible new top level domain names, and it only briefly mentions the fact that some anti-spammers want to use .mail to store mail server information. Whee ...

Personally, I don't think anti-spammers' interest in .mail is the main story here. It's certainly not the only one...

1.5? sure...

[The+Queen]

Who's going to fund THAT one? As long as any endevour requires man-hours, and those man-hours are not 100% voluntary, you WILL have marketing and greed seep in.

I agree with the parent post, there are WAY too many TLDs as it is, and the overlap is insane. Why didn't we stick to .com for business, .net for networks, .edu for schools and .org for non-profits? Why should any corporation be allowed to register a .org???

What about duplicate names?

[The+Tithe]

So, even if this does go through and we do get a .mail TLD that is for only registerd mail servers. What happens when both companies/people owning the domains x.com and x.net suddenly want to get their x.mail domain to send mail. Who gets it? Maybe they're assuming people will opt for x.com.mail and x.net.mail. But that seems really annoying.

Re:Obligatory spam solution rejection form

Your post was hilarious, but it suggests the existence of some sort of end-all be-all SPAM solution that has yet to be found (perhaps you were going to suggest it but accidentally hit "Submit" too early).

Either that or your post is trying to hint that the successful elimination of SPAM will involve a multiple stage strategy, adopted over a period of time by increasing numbers of people, until it reaches a critical point where it becomes too expensive not to use systems that don't reject spam. And so, single ideas in a vacuum could not ever be expected to defeat SPAM.

Either that or you're just a cynical bastard who's much better at criticizing than constructing.

So which box should I check?

( ) Parent poster should always hit the "Preview" button before posting ( ) Parent poster is a bright guy who urges us to think more carefully about so-called instant SPAM solutions ( ) Parent poster is too jaded and cynical to actually help except with comic relief

Re:Obligatory spam solution rejection form

[Dot.Com.CEO]

You, sir, are suffering of an extreme lack of humor, an apparent inability to take criticism and an obvious crassness in your expression. I suggest yoga, reading a good book and sex, not necessarily in that order.

Nearing 500 messages, it's the first time I'm called a troll, by the way.

Re:Obligatory spam solution rejection form

[airrage]

Too bad +5 is as high as the meter will go. This was a lucid, irreverant, intelligent comment. The part I liked most was (in the 'Specifically, your plan fails to account for' section, "Requires immediate total cooperation from everybody at once".

You know we could all move the Earth from it's current orbit if we all jumped up at the same time. Okay, China you've got 1/6th the population, don't screw this up again!

Great post. Parent should go SHoF (Slashdot Hall of Fame).

Peace out.

How the .mail domain will work

[jjo]

It's apparent that the knee-jerk rejections of .mail are coming from people who haven't bothered to actually read the .mail proposal, or else who conclude that any anti-spam initiative that will not cause an immediate, total, worldwide cessation of spam is not even worth considering. All the .mail domain proposes is a more reliable locus for distributing whitelist information. It is expressly not intended to be user-visible, but rather to be solely for the purpose of automatic sender validation by mail receivers.

Whitelists work. Do they eliminate all spam? No. Are they part of a framework for reducing spam? Yes. Snide remarks about the futility of any possible approach to the spam problem may be amusing, but they obscure the fact that real (not perfect, but real) progress is possible. A .mail domain can be part of the solution.

reverse DNS sometimes costs extra

[bigpat]

I am not a spammer, but I am trying to keep a small company going, which has multiple domains running on one server. Many of these proposed solutions are very poorly documented and seem to just raise the bar for the little guy and do nothing to reduce spam.

Solutions that expect so called "legitamite" companies to have IT departments and multiple servers and multiple T1s will just end up raising the barriers to entry for small business. Spammers, these days, don't follow the rules.

Re:Good luck

[kaden]

But as the recent article about the guy who loved buying from spammers proved, Spammers have an effective business model because they only need a tiny percentage of their victims to bite before the spammers make a profit. You can convince 99% of people to boycott spam, but spammers still win because of that 1% who don't care.

I know this is impossible for any number of reasons, but wouldn't the solution be to make it illegal to buy from spammers? I imagine the huge bulk of their sales are to people in the US/Canada/Europe, where such a law could be enforced (were it not unconstitutional and whatnot).

Re:Good luck

[eparusel]

1) They don't have to worry about clueless users causing IP address conflicts as much.

2) If they change something around, they don't have to contact you to change your IP.

Re:What am I missing?

[dasunt]

Also, we need to get ISPs to block most ports by default. If you want a port opened, you simply request it from your ISP.

Not that I have to solicit criticism here on slashdot, but I'll ask anyways. What am I missing and why wouldn't this work?

My major fear is as soon as most ISPs switch to a system like this, opening up additional ports will only be possible for an additional cost, or for a more expensive plan.

"You want port 22 opened? That will be an additional $7.95 a month."

Re:What am I missing?

[bechthros]

That's almost exactly what happened to me when me+roommates first ordered a cable line. Since we were stupid enough to tell them we'd be using more than one machine on the line they automatically put us down for the "home networking package", where the cable modem is built right into a router that comes with - according to the tech - *every* port blocked except 80. No ftp, no P2P, no nuthin. Not even smtp clients, webmail only. Unless, of course, you wanted to place an order for "business services".

That was about when I told him to cancel our order, take his equipment and leave the premises. Took seven more visits by the same company before our internet actually worked (but that's another story)

Micropayments won't work

[Don+Tworry]

Micropayments won't work. As soon as you start charging for email messages spammers will figure out a way to avoid the charges by getting legitimate Mail servers to send their email (hey, I mean they do that already). Then legit businesses will get their bill the next month and say 'Hey wait a minute, I didn't send all those emails'

Micropayments would just make more of a mess.

Re: Dynamic IPs

[bendelo]

If you enabled DCHP, then the DCHP server can assign the same IP address to a particular MAC address each time. Thus it would have a 'static' IP address.

Re:Good luck

[JofCoRe]

It probably also comes down to ease of administration. To give someone a static IP address, you have to find an address that's not in use, and assign it to the person, and make sure it gets put into a "used" list so that it doesn't get used by someone else. To do a dynamic IP address, you just assign a pool of IP addresses, and you don't have to fuck w/it until you run out of IP's in the pool, and then all you have to do is add more to the pool. (and if you're paying attention, you should notice that your customers are outnumbering your IP addresses in your dynamic pool before it becomes a problem... at least that would be the preferred method I imagine :)

I would imagine that the extra work involved w/a static IP (even though it doesn't seem like much, i'm sure it adds up when you have 1000's of customers) is why they like to go dynamic. Just easier administration...