Wouldn't it be possible to change it's delta-v to place it in a stable circular orbit around the earth? Why piddle with little tinker-toy space stations when you could have a kilometer-size rock in a stable orbit to play with to make a real orbital outpost?
Personally, I think there are 5 approaches we can take to fight SPAM.
These approaches I feel are sustainable inasmuch as that they don't
require you get an army of people to do work to get the problem of
SPAM fixed. Filtering solutions are a nice short-term fix, but I
don't think they will scale very well over time. Specially if you
take into account the fact that SPAM is just growing geometrically
if not exponentially.
Approach #1: WhiteListing
Whitelisting is basically the process by which your mail account is
by default "closed" to all senders. You gradually give permission
to certain people to send you Email thus creating a whitelist. The
whitelisting implementations I've seen work this way: if you get an
Email from someone you don't know, a warning Email is sent to you
asking you to do certain steps to allow this sender to send you Email.
If you agree, the sender is added to your whitelist. To me this is
probably the most sensible short-term approach. Problem: Instead of getting innundated with SPAM, users will
get flooded with permission requests. However if a whitelisting
protocol is designed in such a fashion that all mail clients will
deal with permission requests the same way (by moving the messages
into a "pending" folder of some sort and by making it easy for the
user to browse/mark senders as valid or invalid), it may be the best
short-term technological solution.
Approach #2: Legistlation
Legislating SPAM away is probably one of the better solutions out there
since you get to penalize monetarily the senders of UCE. Of course, this
has to be a global (world-wide) process otherwise any SPAMMER could move
off-shore to a nation that doesn't have SPAM Laws. This problem is
fairly well known. Problem: Obviously, the wheels of justice turn very slowly and
politicians can be easily bought by the private interests behind SPAM
to counter the efforts of anti-spam lawyers. To replicate this effort
throughtout the world may be a very nice "feel-good" thought, but in
the end will probably be impossible to pull off.
Approach #3: Make the SMTP protocol Secure
The SMTP protocol is what, 30 years old? It really is time to improve
the damn thing to make it so that the sender of the Email has to _somehow_
be authenticated. That is, the mail server must exist, must have a
reverse DNS entry (PTR Record) and that the Email address of the sender
itself (the mail from: received during the SMTP transaction) is checked
against the sending mail server to see if the Email address exists. All
sending MTAs should be validated and sloppy system administration should
be no excuse in terms of having or not having a proper configuration. Problem: There will be heavy resistance from the mail server and
mail client industry to improve the protocol on a global level. Furthermore
there has to be some sort of phase-in period to give time for existing
installations to upgrade their software so support for the previous
incarnation of the protocol has to remain for an undefined period. It
would be very expensive to do. If the expense is greater than the expenses
caused by SPAM though, the industry as whole may not have a choice.
Approach #4: Create an MTA reputation database
Instead of changing the SMTP protocol, it may be that we need to create
some sort of central MTA authority that would rate servers using a
"reputation" scoring system. The more a domain or server is found to be
a source of SPAM, the lower the reputation rating, at some point (threshold),
mail would be refused network-wide at the connection level. Sort of an
automated global RBL with teeth. Problem: Requires some sort of authority (centralized or P2P)...
don't know how it could be implemented but such a system would require global
acceptance and integration into existing mail server software. Probably
just as expensive as approach #3 to implement. Overall though, if the cost
of the status quo is greater than the cost of implementing something like this,
then at some point the industry as a whole may not have a choice.
Approach #5: Require MTA certification
This is the "HAM Radio" approach. Require that all Mail Server and mail
service operators go through a global certification process for them to be
able to broadcast using the SMTP protocol. HAM Radio is self-regulated
more or less and it seems to work in terms of self-policing. Couldn't an
approach like that be taken for "email broadcasting"? Problem: Requires tight cooperation between government and some
unnamed agency that would represent all MTA operators. Lots of resistance
would be encountered with such an approach... this is a fuzzy idea and
would require more hashing out by the community but what they hey.:-)
Spammers operate off of huge lists of Email addresses that are harvested through various means: by going through usenet posts, by looking for Email addresses in "mailto" statements on websites, through "dictionary" spams sent to ISPs in bulk to see if messages bounce or not, so on and so forth...
The point is, alot of these lists have obsolete and dead addresses. When you click on one of these opt-out buttons, you're telling these shmoes that your address is indeed valid and someone is at the door.
When told to "click here to get removed from our list"... just say NO!:-)
a) It's clear that a legal solution probably won't work since SPAMMers will just move their operations to more legally clement shores and the one-world-government isn't around yet to enforce anti-spam laws on a planetary scale yet .
b) It's clear that a technological filtering solution is probably not the ideal way to go because ultimately, any filtering scheme doesn't address the issue that the SPAM is out there and it's still flooding our networks, regardless if you detect it as a SPAM or not.
The only conclusion is that we really need to fix the problem at it's source. Change the SMTP protocol to include a handshaking/whitelisting layer. Is there a reason why the big mail server makers and mail client makers couldn't get together and work on an extention of the protocol that would make the protocol secure?
To me, this is a no brainer and it's probably the only way to go at this point.
I really don't think trashing SMTP is the right idea. There's just too much invested into it to scrap it. It would make much more sense to work with the IETF to create a new RFC in consortium with various mail server and mail client makers to create an extention to the protocol.
Personally, I think the best thing would be to add a new authentication layer based around the negotiated (handshaking) whitelist concept. It's really the only way at this point to (a) get only mail from sources you approve of and (b) if you do happen to get Email from someone out of the blue, be able to grant/deny permission for that Email to come in.
So by all means, change SMTP... but it should be a big chunk of the mail client/server industry that takes responsibility for the change.
Slashdot Mirror
Wouldn't it be possible to change it's delta-v to place it in a stable circular orbit around the earth? Why piddle with little tinker-toy space stations when you could have a kilometer-size rock in a stable orbit to play with to make a real orbital outpost?
Approach #1: WhiteListing
Whitelisting is basically the process by which your mail account is by default "closed" to all senders. You gradually give permission to certain people to send you Email thus creating a whitelist. The whitelisting implementations I've seen work this way: if you get an Email from someone you don't know, a warning Email is sent to you asking you to do certain steps to allow this sender to send you Email. If you agree, the sender is added to your whitelist. To me this is probably the most sensible short-term approach.
Problem: Instead of getting innundated with SPAM, users will get flooded with permission requests. However if a whitelisting protocol is designed in such a fashion that all mail clients will deal with permission requests the same way (by moving the messages into a "pending" folder of some sort and by making it easy for the user to browse/mark senders as valid or invalid), it may be the best short-term technological solution.
Approach #2: Legistlation
Legislating SPAM away is probably one of the better solutions out there since you get to penalize monetarily the senders of UCE. Of course, this has to be a global (world-wide) process otherwise any SPAMMER could move off-shore to a nation that doesn't have SPAM Laws. This problem is fairly well known.
Problem: Obviously, the wheels of justice turn very slowly and politicians can be easily bought by the private interests behind SPAM to counter the efforts of anti-spam lawyers. To replicate this effort throughtout the world may be a very nice "feel-good" thought, but in the end will probably be impossible to pull off.
Approach #3: Make the SMTP protocol Secure
The SMTP protocol is what, 30 years old? It really is time to improve the damn thing to make it so that the sender of the Email has to _somehow_ be authenticated. That is, the mail server must exist, must have a reverse DNS entry (PTR Record) and that the Email address of the sender itself (the mail from: received during the SMTP transaction) is checked against the sending mail server to see if the Email address exists. All sending MTAs should be validated and sloppy system administration should be no excuse in terms of having or not having a proper configuration.
Problem: There will be heavy resistance from the mail server and mail client industry to improve the protocol on a global level. Furthermore there has to be some sort of phase-in period to give time for existing installations to upgrade their software so support for the previous incarnation of the protocol has to remain for an undefined period. It would be very expensive to do. If the expense is greater than the expenses caused by SPAM though, the industry as whole may not have a choice.
Approach #4: Create an MTA reputation database
Instead of changing the SMTP protocol, it may be that we need to create some sort of central MTA authority that would rate servers using a "reputation" scoring system. The more a domain or server is found to be a source of SPAM, the lower the reputation rating, at some point (threshold), mail would be refused network-wide at the connection level. Sort of an automated global RBL with teeth. ...
don't know how it could be implemented but such a system would require global
acceptance and integration into existing mail server software. Probably
just as expensive as approach #3 to implement. Overall though, if the cost
of the status quo is greater than the cost of implementing something like this,
then at some point the industry as a whole may not have a choice.
Problem: Requires some sort of authority (centralized or P2P)
Approach #5: Require MTA certification
This is the "HAM Radio" approach. Require that all Mail Server and mail service operators go through a global certification process for them to be able to broadcast using the SMTP protocol. HAM Radio is self-regulated more or less and it seems to work in terms of self-policing. Couldn't an approach like that be taken for "email broadcasting"? ... this is a fuzzy idea and
would require more hashing out by the community but what they hey.:-)
Problem: Requires tight cooperation between government and some unnamed agency that would represent all MTA operators. Lots of resistance would be encountered with such an approach
Dingbat.
The point is, alot of these lists have obsolete and dead addresses. When you click on one of these opt-out buttons, you're telling these shmoes that your address is indeed valid and someone is at the door.
When told to "click here to get removed from our list" ... just say NO! :-)
b) It's clear that a technological filtering solution is probably not the ideal way to go because ultimately, any filtering scheme doesn't address the issue that the SPAM is out there and it's still flooding our networks, regardless if you detect it as a SPAM or not.
The only conclusion is that we really need to fix the problem at it's source. Change the SMTP protocol to include a handshaking/whitelisting layer. Is there a reason why the big mail server makers and mail client makers couldn't get together and work on an extention of the protocol that would make the protocol secure?
To me, this is a no brainer and it's probably the only way to go at this point.
I really don't think trashing SMTP is the right idea. There's just too much invested into it to scrap it. It would make much more sense to work with the IETF to create a new RFC in consortium with various mail server and mail client makers to create an extention to the protocol.
Personally, I think the best thing would be to add a new authentication layer based around the negotiated (handshaking) whitelist concept. It's really the only way at this point to (a) get only mail from sources you approve of and (b) if you do happen to get Email from someone out of the blue, be able to grant/deny permission for that Email to come in.
So by all means, change SMTP ... but it should be a big chunk of the mail client/server industry that takes responsibility for the change.