Slashdot Mirror

← Back to Stories (view on slashdot.org)

Meng Wong's Perspectives on Antispam

Posted by samzenpus on from the no-more-online-pharmacy dept.

netscoop writes "CircleID is running an interesting blog by Meng Wong, best known as the lead developer of the anti-spam authentication scheme, SPF. While touching on various recent hot issues, Meng has this to say about phishing: 'The final solution to the phishing problem requires that people use a whitelist-only, default-deny paradigm for email. Many people already subscribe to default-deny for IM and VoIP, but there is a cultural resistance to whitelist-only email -- email is perceived as the medium of least reserve. I believe that we must move to a default-deny model for email to solve phishing; at the same time we must preserve the openness that made email the killer app in the first place. The tension between these poles creates a tremendous opportunity for innovation and social good if we get things right, and for shattering failure if we get things wrong.' Right or wrong, definitely worth a read."

2 of 298 comments (clear)

  1. Too much trouble by squeemey · · Score: 5, Interesting
    All this trouble would have been avoided by charging for email in the first place.

    My proposal:

    Charge 3 cents per letter. One cent goes to the ISP sending the mail, one cent to the ISP receiving the mail, and one cent to the recipient.

    The ISP on either end would credit/debit the sender/receiver's account.

    And watch the spam disappear.

    --
    Bill
  2. Considering IP blocking tactics, it's pointless by Peter+Cooper · · Score: 4, Interesting

    I think whitelisting is a pretty good idea. My SpamAssassin-oriented setup kinda does things this way. That is, a non whitelisted mail has to be pretty squeaky clean to get through, whereas whitelisted addresses get straight through.

    But lately I've been hitting a different problem which totally destroys the point of e-mail in many cases for me. That is, idiotic sys admins who firewall out entire IP blocks for, seemingly, no reason.

    Just because someone several machines down the co-lo rack let their machine get hacked is no reason for mail server administrators to *firewall out* entire ranges of IP addresses. Lately I've seen some ridiculous behavior where users of the other mail server can't even e-mail people on MY server because the block is two-way! So I end up with users complaining that only certain e-mail addresses appear unmailable (because only a small percentage of sysadmins are stupid enough to block entire classes) but it's still a major PITA that makes e-mail useless for many people. The worst part is when you complain to these sys admins/ISPs, many of them proclaim innocence and believe they have no blocks.. but it's their upstream provider, etc, etc.

    I'm beginning to think that encouraging people to migrate over to systems like 'GMail for your domain' and the like are going to be the way to go. At least Google has teams of people working 24/7 keeping their machines whitelisted. Having the US government able to subpoena your private information is the least of your worries, as long as you can actually e-mail the people you need to.

    And no, schemes like SPF do not help this problem, since if they're blocking IP ranges outright at their firewall, nothing can break through that except mail proxying (which I've been considering).