The low interest rates and the high real estate prices is what softens the negative effects of the dot com bubble. Basically, the society lost a lot of money on stocks, but gained a lot of money on real estate. This way, the dot com crash doesn't create as heavy wounds as it might have done.
If the real estate prices are a bubble, and it bursts, the politicians will consider the size of it and maybe compensate differently. Unfortunately, the USA has a huge deficit, which limits the options.
It's a common misconception, that SPF isn't about fighting spam. It is. This is how it works:
SPF is meant to work with other mechanisms. A DNS blacklist is obvious, but internal whitelists are even more obvious. If SPF is used with greylisting, blacklists and bayesian filters, then this is how it can work for specific e-mails:
E-mails from well-known e-mail addresses, that are known not to send spam, are usually automatic whitelisted. If the e-mails are sent from the correct mailservers, they just pass through the entire spamfiltering system. If they are sent from a forged server, they are rejected as part of the SMTP session and never even enter the mailserver.
E-mails from people we don't know, but have SPF records, work like this: If the mailserver is forged, the mail is rejected immediately and doesn't enter the mailserver. If the mailserver is OK, first time they try to deliver the e-mail, the greylisting system activates and delays the delivery. Second time they try to deliver, the sending mailserver and e-mail address is looked up in blacklisting services. If the system is still OK, a bayesian filter is applied. If the e-mail is still OK, it's delivered.
If the e-mail is from a sender that doesn't have SPF at all, greylisting and bayesian filtering is applied as usual, but with greatly increased risk of being marked as spam. Some mailservers may even reject the e-mail immediately because of lack of SPF record.
As you can see, the SPF record is about getting your e-mails through spamfilters. System administrators will experience less load, because the automatic whitelisting in combination with SPF records makes most e-mails pass without running bayesian filtering.
Very obvious domains to whitelist are your own. If you have two or more domains, the mailservers for these should whitelist each other, making all e-mails pass. Since you want to be able to change, which servers you use, SPF records are a good way of communicating to these mailservers, which other mailservers they should trust.
I need to provide a few comments: - Bad SPF records should be considered as not being there at all. For instance "v=spf1 all" would enable all mailservers in the world, and should therefore be ignored. - Most spamfighting techniques just put the e-mail into a spam folder. The sender does not know, that the e-mail didn't arrive in the inbox, and that's bad. With SPF, it is much more likely that a non-spammer gets his/her e-mail delivered or bounced because it isn't able to deliver it via smtp to the receiver (misconfiguration).
As long as we want to receive e-mails from people we haven't communicated with before, spam (unwanted e-mails) will exist. SPF just makes it a lot easier to filter them out.
This post is a bit late, I hope there are still moderators around.
This is not about technology. Small children shouldn't be playing around with knives, which is a very old invention, but it's ok to play around with brand-new technology inventions from LEGO.
It's about addiction. Addictive is, when you keep needing more and more. This includes video games, television, sugar in food (some people forget that) and some toys which have been designed to make you addictive to buying more (like collecting stupid cards).
There are many ways to prevent addiction, but as far as I experience it, sugar in food is actually an important part of this. Children who get much sugar, by drinking it, eating it or somehow else, are usually much harder to control. A kid who just emptied a big glass of something that contains sugar is much harder to get away from a playstation, than a kid who drinks water.
I tried to make a family, that I know well, give their children water instead of a sugar/flavor/water mix. The result was that their kids behaved much better, but had the same level of activities. The results were amazing. It was also much easier to make them sleep at night afterwards and to make them eat their food at Dinner.
This should all be very well documented, btw, although I cannot provide any URLs right now.
Not all multi-user systems are designed to be secure against the best hackers around, and there is often bad cost/benefit at following all security recommendations as soon as you hear about them.
Give us some more facts, so that we can think for ourselves.
Renting is more expensive than leasing because you can halt the contract with short notice.
Buying means spending more money to start with.
Borrowing money to buy instead of leasing would be the obvious choice IF the lender knows that you will succeed. If there is doubt about whether you will succeed with your new company, it will be very expensive to borrow the money to buy the stuff, and then leasing is cheaper.
Programming commercial software must: - Focus on maximizing the feature list and on marketing demands - Protect their intellectual property by providing API's instead of file formats.
Programming Open Source means: - Make sure that the features in the system actually work as intended. - Exploit synergi effects with other software (interoperability, using the code, piping etc.) - Use well defined file formats instead of APIs.
Did you know that the Microsoft Access file format is "company confidential"? Actually, the precise file format is probably not even written down anywhere in an internal document, since you don't need it - you just use the same code to read a block that you used to write it. It was never intended to be read by more than one implementation of the file format.
1 US/UK inch is 2.54cm 1 Danish inch is 2.62cm other countries have other sizes
Since 72 points=1 inch in both countries, a 12 point Times font has different sizes in different countries. Most countries have adopted the US/UK point size though after DTP software started to be used professionally.
Most other non-SI units are also available in different sizes. For instance, a mile is:
1 US/UK mile: 1.6km 1 nautical mile: 1.852km 1 Danish mile: 7.5km (same as North Germany) 1 Swedish mile: 10km
Nowadays, many days use 1 mile = 10km though, because Sweden is our neighbor, and they still use "miles".
Having owned a Roomba (the much cheaper, competing product from USA) for some time, I can only say that the next big thing will be a robotic floorwasher:-)
The biggest problem for most computer gamers I know, is that they drink cola with sugar and eat candy bars. Their biggest arguments for not drinking diet coke are: doesn't taste well, aspartam is dangerous for your health.
They simply don't get the priorities right - being overweight is much more dangerous than drinking diet coke! The only way to lose weight is to consume less kilojoule (4,18 Joule = 1 Calories for those Americans who don't understand the metric system) than you spend on living. If you want to continue drinking sugar-cola and eat candie bars, you really have to do a lot of exercise!!! - more than most people with that kind of weight problems can or will do.
Personally I lost 15kg in 5 months without doing any exercise, without any special plan for what I eat, just by replacing coke with diet coke and removing all fat and sugar from my meals, replacing food with low-energy and diet products. At Christmas 2004 I expect to have lost 30kg, and spring 2005 I expect to have lost 35kg, and then I have reached my ideal bodyweight and will have to do something to keep my weight up:-)
Please disregard my previous post - obviously I don't know too well how bittorent works - it still modifies the MD5 sum of the first CD, so I guess it's not completely downloaded, yet.
The MD5SUM file posted here in this forum has a valid Fedora Project GnuPG signature, if you remove the excess spaces. And I've now downloaded the first CD via bittorrent, and the MD5 sum doesn't match... I can only conclude, that this is not the final Fedora Core 2, but a hoax.
This is not consumer unfriendly - it's about getting a better experience, and especially a social experience where you meet other people.
One of the main reasons why Counter-Strike got so popular, was that dead players could chat with each other - it simply added a social experience to the computer game.
The future is not much different from going to Disney Land - you only have the experience during the time period you paid for, a big part of the experience is being there together with other people, and you don't own anything after leaving it (except for the memory).
If Sierra's Tribes 2 game was a pay-per-month service, I'm sure it would have survived longer than it did.
-=EEF=-Dybdahl Euro Elite Force http://www.euroeliteforce.net/
It reduces spam because spamfilters like spamassassin etc. can add extra points to those e-mails that did not verify against SPF records.
If Red Hat adds SPF verification to their default spamassassin configuration files, a lot of companies will start to add SPF records to their DNS.
If I send an e-mail to a RoadRunner mailbox, it is rejected. Why? Because my mailserver is a Linux box on my ADSL internet connection, and RoadRunner blocks all e-mails from residential IP ranges. With SPF, such filtering can be made much more careful, making it possible for me to send e-mails to RoadRunner customers again.
I know the rules for one ISP that provides "free traffic as long as it doesn't conflict with other terms". This very unprecise definition of "free traffic" should be understood like this:
- They allow some customers to use extreme amounts of traffic compared to how much they pay. The turnover for some customers is as low as $1 per 1000 GByte bandwidth (!). - A lot of the bandwidth is free, because they are peering with other ISPs, so the customers can actually use enormous amounts of bandwidth and it doesn't cost them anything. - They don't want to kick customers because of bandwidth usage, because it gives a bad reputation. - Only those customers that use big amounts of bandwidth that costs them money will get warnings and eventually kicked. - It differs a lot from market to market (country to country), how many customers an ISP can kick without getting a bad reputation. It also differs, how much bandwidth costs - for instance, bandwidth is much more expensive in Germany than in Sweden and Denmark.
I believe that many other ISPs think the same way. This means that:
- Things like BitTorrent might be more acceptable to ISPs, if more bandwidth stays within the same ISP or to geographically close ISPs which have a higher probability of peering with the user's ISP. - Since users don't know who their ISPs do free peering with, it can be very difficult to determine, what amount of bandwidth that the ISP doesn't like.
The article doesn't provide many numbers, so I better provide some. In Denmark, there are more cellular subscribers now than fixed line subscribers. Of the 11 houses on our street, 2 only use cellular phones, and one of these has ADSL but no fixed line subscription.
In my nephiew's class, 2 families out of 24 don't have a phone number that belongs to a fixed line.
Currently, a fixed line costs 255 euros to create in Denmark, and 16 euros a month. It's cheaper per minute than a mobile phone, unless you call a mobile phone - in which case the mobile phone is cheaper per minute. Add to that the costs of buying a phone.
A mobile phone can be bought very cheap - used phones are normally 15-30 euros, there is no subscriptions fees and it's now down to 9 cents a minute outside workhours and down to 11 cents a minute in workhours. All prices include the Danish 25% Value Added Tax.
So in general, mobile phones are cheaper for most people, and more and more people are abandoning their fixed lines. The skew is already here and it's growing.
The protocol should specify which MX server to ask. The query should be made concurrently with the SMTP transaction in order to be able to reject the e-mail at once if wanted. If it is specified, that the sending server should be queried, the e-mail should not be accepted unless that query can actually be made positively. This is in order to avoid non-delivery due to network problems.
If you would implement this in postfix, you would make the postfix server specify itself as the one to ask, and it would only be open for validity queries as long as it is running smtp delivery sessions. When receiving e-mails that specify validity checks, it would ask the sender for validity according to the protocol. If everything is OK, a header should be added saying so. If not, the e-mail should be rejected.
A spamassassin user would then give points if that header isn't present, if the mailserver is blacklisted or if the e-mail address is blacklisted. After a couple of years, many users might automatically delete all e-mails that come from blacklisted servers or blacklisted e-mail addresses or doesn't have a validated sender e-mail address.
It slows down e-mail delivery a bit, probably 0.05 seconds normally, and maybe 0.5 seconds for transatlantic e-mail delivery, and it does increase the number of concurrent TCP connections on mailservers. But that's much better than having each of 5.000 users on a mail/webmail server spend 10-20 seconds server CPU time for each e-mail they send. This is a huge load to put on our servers.
Dial-up connections usually use the ISP mailservers, and the ISP has to ensure, that the sender e-mail address is correct. By doing that, you can easily blacklist e-mail addresses instead of blacklisting the ISPs mailserver. It couldn't be much easier getting rid of a spammer.
For those, that use the dial-up ISPs mailserver for an e-mail address that is not known to the ISP, they will have to tell their ISP about that e-mail address or get the outgoing e-mail server service somewhere else. One such example could be http://www.surftown.dk/, where outgoing e-mails are sent via their servers, using authenticated SMTP.
It's a check of the e-mail. Each e-mail has a unique identifier, and each mail server simply has to answer this simple question:
Did you send an e-mail within the last couple of minutes with this ID?
This does not verify the e-mail address 100%, but it makes all verified e-mails traceable to a specific mailserver only based on the contents of the e-mail. No more forged e-mail headers, no more hidden smtp agents built into worms and no more worms sent to you by software behind NAT gateways etc.
The article was read and understood before I posted.
I'm the sysadmin (and thus also mailadmin!) of a european webhotel with >20 employees and know what I am talking about.
Your criticism is undocumented, unexplained and if you were truly interested, you should get yourself a slashdot account so that your identity can be verified.
This seems to be a "let's fix this by limiting what technology can do" case.
Instead, they should focus on adding more functionality to the smtp protocol. For instance, they could add sender e-mail address verification. You can't check the actual e-mail address, but you can make a "dial-back" TCP connection to check, if the e-mail is known by the mail-server that belongs to the sender e-mail address.
Combined with law enforcement, blacklists etc., this is extremely effective.
Making e-mails "expensive" to send is stupid. There are many ways to fight spam effectively without doing that.
We could start by adding sender e-mail address verification to smtp - the recipient looks up the e-mail address's MX record, and asks if that specific e-mail was sent from that mail server. If not, it's probably spam.
The more server that implement this scheme, the more points will be given to those e-mails (by spamassassin etc.) that do not have this sender verification set up. Within a year or two, all serious mail providers, companies etc. will have sender address verification.
Combined with law enforcement, blacklists etc., this can become extremely effective.
The obvious replacement for the proprietary systems is Jabber, must aunt Caroline must be able to create a Jabber account much easier - as it is today, Jabber requires knowledge of Jabber, which is a major obstacle.
This tool is not meant for desktop application development, but for mobile and embedded systems. If you need screenshots, then this tool is not for you:-)
The key to micropayments is to use existing customer relationships. Mobile phones are a good example - you can buy access to information or services by sending an SMS to a specific phone number. The payment comes onto your phone bill and everybody is happy.
I am currently involves in implementing micropayments for gaming services, and it works great.
Slashdot Mirror
The low interest rates and the high real estate prices is what softens the negative effects of the dot com bubble. Basically, the society lost a lot of money on stocks, but gained a lot of money on real estate. This way, the dot com crash doesn't create as heavy wounds as it might have done.
If the real estate prices are a bubble, and it bursts, the politicians will consider the size of it and maybe compensate differently. Unfortunately, the USA has a huge deficit, which limits the options.
It's a common misconception, that SPF isn't about fighting spam. It is. This is how it works:
SPF is meant to work with other mechanisms. A DNS blacklist is obvious, but internal whitelists are even more obvious. If SPF is used with greylisting, blacklists and bayesian filters, then this is how it can work for specific e-mails:
E-mails from well-known e-mail addresses, that are known not to send spam, are usually automatic whitelisted. If the e-mails are sent from the correct mailservers, they just pass through the entire spamfiltering system. If they are sent from a forged server, they are rejected as part of the SMTP session and never even enter the mailserver.
E-mails from people we don't know, but have SPF records, work like this: If the mailserver is forged, the mail is rejected immediately and doesn't enter the mailserver. If the mailserver is OK, first time they try to deliver the e-mail, the greylisting system activates and delays the delivery. Second time they try to deliver, the sending mailserver and e-mail address is looked up in blacklisting services. If the system is still OK, a bayesian filter is applied. If the e-mail is still OK, it's delivered.
If the e-mail is from a sender that doesn't have SPF at all, greylisting and bayesian filtering is applied as usual, but with greatly increased risk of being marked as spam. Some mailservers may even reject the e-mail immediately because of lack of SPF record.
As you can see, the SPF record is about getting your e-mails through spamfilters. System administrators will experience less load, because the automatic whitelisting in combination with SPF records makes most e-mails pass without running bayesian filtering.
Very obvious domains to whitelist are your own. If you have two or more domains, the mailservers for these should whitelist each other, making all e-mails pass. Since you want to be able to change, which servers you use, SPF records are a good way of communicating to these mailservers, which other mailservers they should trust.
I need to provide a few comments:
- Bad SPF records should be considered as not being there at all. For instance "v=spf1 all" would enable all mailservers in the world, and should therefore be ignored.
- Most spamfighting techniques just put the e-mail into a spam folder. The sender does not know, that the e-mail didn't arrive in the inbox, and that's bad. With SPF, it is much more likely that a non-spammer gets his/her e-mail delivered or bounced because it isn't able to deliver it via smtp to the receiver (misconfiguration).
As long as we want to receive e-mails from people we haven't communicated with before, spam (unwanted e-mails) will exist. SPF just makes it a lot easier to filter them out.
Lars.
This post is a bit late, I hope there are still moderators around.
This is not about technology. Small children shouldn't be playing around with knives, which is a very old invention, but it's ok to play around with brand-new technology inventions from LEGO.
It's about addiction. Addictive is, when you keep needing more and more. This includes video games, television, sugar in food (some people forget that) and some toys which have been designed to make you addictive to buying more (like collecting stupid cards).
There are many ways to prevent addiction, but as far as I experience it, sugar in food is actually an important part of this. Children who get much sugar, by drinking it, eating it or somehow else, are usually much harder to control. A kid who just emptied a big glass of something that contains sugar is much harder to get away from a playstation, than a kid who drinks water.
I tried to make a family, that I know well, give their children water instead of a sugar/flavor/water mix. The result was that their kids behaved much better, but had the same level of activities. The results were amazing. It was also much easier to make them sleep at night afterwards and to make them eat their food at Dinner.
This should all be very well documented, btw, although I cannot provide any URLs right now.
The original article published by Microsoft is here:
j un05/06-07TechEdServer.mspx
http://www.microsoft.com/presspass/features/2005/
Not all multi-user systems are designed to be secure against the best hackers around, and there is often bad cost/benefit at following all security recommendations as soon as you hear about them.
Give us some more facts, so that we can think for ourselves.
Renting is more expensive than leasing because you can halt the contract with short notice.
Buying means spending more money to start with.
Borrowing money to buy instead of leasing would be the obvious choice IF the lender knows that you will succeed. If there is doubt about whether you will succeed with your new company, it will be very expensive to borrow the money to buy the stuff, and then leasing is cheaper.
That's it.
Lars Dybdahl.
So, in real life we'll see it in 2007? Or 2008? I guess we have an issue for a poll here :-)
Programming commercial software must:
- Focus on maximizing the feature list and on marketing demands
- Protect their intellectual property by providing API's instead of file formats.
Programming Open Source means:
- Make sure that the features in the system actually work as intended.
- Exploit synergi effects with other software (interoperability, using the code, piping etc.)
- Use well defined file formats instead of APIs.
Did you know that the Microsoft Access file format is "company confidential"? Actually, the precise file format is probably not even written down anywhere in an internal document, since you don't need it - you just use the same code to read a block that you used to write it. It was never intended to be read by more than one implementation of the file format.
1 US/UK inch is 2.54cm
1 Danish inch is 2.62cm
other countries have other sizes
Since 72 points=1 inch in both countries, a 12 point Times font has different sizes in different countries. Most countries have adopted the US/UK point size though after DTP software started to be used professionally.
Most other non-SI units are also available in different sizes. For instance, a mile is:
1 US/UK mile: 1.6km
1 nautical mile: 1.852km
1 Danish mile: 7.5km (same as North Germany)
1 Swedish mile: 10km
Nowadays, many days use 1 mile = 10km though, because Sweden is our neighbor, and they still use "miles".
Having owned a Roomba (the much cheaper, competing product from USA) for some time, I can only say that the next big thing will be a robotic floorwasher :-)
The biggest problem for most computer gamers I know, is that they drink cola with sugar and eat candy bars. Their biggest arguments for not drinking diet coke are: doesn't taste well, aspartam is dangerous for your health.
:-)
They simply don't get the priorities right - being overweight is much more dangerous than drinking diet coke! The only way to lose weight is to consume less kilojoule (4,18 Joule = 1 Calories for those Americans who don't understand the metric system) than you spend on living. If you want to continue drinking sugar-cola and eat candie bars, you really have to do a lot of exercise!!! - more than most people with that kind of weight problems can or will do.
Personally I lost 15kg in 5 months without doing any exercise, without any special plan for what I eat, just by replacing coke with diet coke and removing all fat and sugar from my meals, replacing food with low-energy and diet products. At Christmas 2004 I expect to have lost 30kg, and spring 2005 I expect to have lost 35kg, and then I have reached my ideal bodyweight and will have to do something to keep my weight up
Please disregard my previous post - obviously I don't know too well how bittorent works - it still modifies the MD5 sum of the first CD, so I guess it's not completely downloaded, yet.
The MD5SUM file posted here in this forum has a valid Fedora Project GnuPG signature, if you remove the excess spaces. And I've now downloaded the first CD via bittorrent, and the MD5 sum doesn't match... I can only conclude, that this is not the final Fedora Core 2, but a hoax.
This is not consumer unfriendly - it's about getting a better experience, and especially a social experience where you meet other people.
One of the main reasons why Counter-Strike got so popular, was that dead players could chat with each other - it simply added a social experience to the computer game.
The future is not much different from going to Disney Land - you only have the experience during the time period you paid for, a big part of the experience is being there together with other people, and you don't own anything after leaving it (except for the memory).
If Sierra's Tribes 2 game was a pay-per-month service, I'm sure it would have survived longer than it did.
-=EEF=-Dybdahl
Euro Elite Force
http://www.euroeliteforce.net/
It reduces spam because spamfilters like spamassassin etc. can add extra points to those e-mails that did not verify against SPF records.
If Red Hat adds SPF verification to their default spamassassin configuration files, a lot of companies will start to add SPF records to their DNS.
If I send an e-mail to a RoadRunner mailbox, it is rejected. Why? Because my mailserver is a Linux box on my ADSL internet connection, and RoadRunner blocks all e-mails from residential IP ranges. With SPF, such filtering can be made much more careful, making it possible for me to send e-mails to RoadRunner customers again.
I know the rules for one ISP that provides "free traffic as long as it doesn't conflict with other terms". This very unprecise definition of "free traffic" should be understood like this:
- They allow some customers to use extreme amounts of traffic compared to how much they pay. The turnover for some customers is as low as $1 per 1000 GByte bandwidth (!).
- A lot of the bandwidth is free, because they are peering with other ISPs, so the customers can actually use enormous amounts of bandwidth and it doesn't cost them anything.
- They don't want to kick customers because of bandwidth usage, because it gives a bad reputation.
- Only those customers that use big amounts of bandwidth that costs them money will get warnings and eventually kicked.
- It differs a lot from market to market (country to country), how many customers an ISP can kick without getting a bad reputation. It also differs, how much bandwidth costs - for instance, bandwidth is much more expensive in Germany than in Sweden and Denmark.
I believe that many other ISPs think the same way. This means that:
- Things like BitTorrent might be more acceptable to ISPs, if more bandwidth stays within the same ISP or to geographically close ISPs which have a higher probability of peering with the user's ISP.
- Since users don't know who their ISPs do free peering with, it can be very difficult to determine, what amount of bandwidth that the ISP doesn't like.
The article doesn't provide many numbers, so I better provide some. In Denmark, there are more cellular subscribers now than fixed line subscribers. Of the 11 houses on our street, 2 only use cellular phones, and one of these has ADSL but no fixed line subscription.
In my nephiew's class, 2 families out of 24 don't have a phone number that belongs to a fixed line.
Currently, a fixed line costs 255 euros to create in Denmark, and 16 euros a month. It's cheaper per minute than a mobile phone, unless you call a mobile phone - in which case the mobile phone is cheaper per minute. Add to that the costs of buying a phone.
A mobile phone can be bought very cheap - used phones are normally 15-30 euros, there is no subscriptions fees and it's now down to 9 cents a minute outside workhours and down to 11 cents a minute in workhours. All prices include the Danish 25% Value Added Tax.
So in general, mobile phones are cheaper for most people, and more and more people are abandoning their fixed lines. The skew is already here and it's growing.
The protocol should specify which MX server to ask. The query should be made concurrently with the SMTP transaction in order to be able to reject the e-mail at once if wanted. If it is specified, that the sending server should be queried, the e-mail should not be accepted unless that query can actually be made positively. This is in order to avoid non-delivery due to network problems.
If you would implement this in postfix, you would make the postfix server specify itself as the one to ask, and it would only be open for validity queries as long as it is running smtp delivery sessions. When receiving e-mails that specify validity checks, it would ask the sender for validity according to the protocol. If everything is OK, a header should be added saying so. If not, the e-mail should be rejected.
A spamassassin user would then give points if that header isn't present, if the mailserver is blacklisted or if the e-mail address is blacklisted. After a couple of years, many users might automatically delete all e-mails that come from blacklisted servers or blacklisted e-mail addresses or doesn't have a validated sender e-mail address.
It slows down e-mail delivery a bit, probably 0.05 seconds normally, and maybe 0.5 seconds for transatlantic e-mail delivery, and it does increase the number of concurrent TCP connections on mailservers. But that's much better than having each of 5.000 users on a mail/webmail server spend 10-20 seconds server CPU time for each e-mail they send. This is a huge load to put on our servers.
Dial-up connections usually use the ISP mailservers, and the ISP has to ensure, that the sender e-mail address is correct. By doing that, you can easily blacklist e-mail addresses instead of blacklisting the ISPs mailserver. It couldn't be much easier getting rid of a spammer.
For those, that use the dial-up ISPs mailserver for an e-mail address that is not known to the ISP, they will have to tell their ISP about that e-mail address or get the outgoing e-mail server service somewhere else. One such example could be http://www.surftown.dk/, where outgoing e-mails are sent via their servers, using authenticated SMTP.
Dybdahl.
It's a check of the e-mail. Each e-mail has a unique identifier, and each mail server simply has to answer this simple question:
Did you send an e-mail within the last couple of minutes with this ID?
This does not verify the e-mail address 100%, but it makes all verified e-mails traceable to a specific mailserver only based on the contents of the e-mail. No more forged e-mail headers, no more hidden smtp agents built into worms and no more worms sent to you by software behind NAT gateways etc.
The article was read and understood before I posted.
I'm the sysadmin (and thus also mailadmin!) of a european webhotel with >20 employees and know what I am talking about.
Your criticism is undocumented, unexplained and if you were truly interested, you should get yourself a slashdot account so that your identity can be verified.
This seems to be a "let's fix this by limiting what technology can do" case.
Instead, they should focus on adding more functionality to the smtp protocol. For instance, they could add sender e-mail address verification. You can't check the actual e-mail address, but you can make a "dial-back" TCP connection to check, if the e-mail is known by the mail-server that belongs to the sender e-mail address.
Combined with law enforcement, blacklists etc., this is extremely effective.
Making e-mails "expensive" to send is stupid. There are many ways to fight spam effectively without doing that.
We could start by adding sender e-mail address verification to smtp - the recipient looks up the e-mail address's MX record, and asks if that specific e-mail was sent from that mail server. If not, it's probably spam.
The more server that implement this scheme, the more points will be given to those e-mails (by spamassassin etc.) that do not have this sender verification set up. Within a year or two, all serious mail providers, companies etc. will have sender address verification.
Combined with law enforcement, blacklists etc., this can become extremely effective.
Dybdahl
The obvious replacement for the proprietary systems is Jabber, must aunt Caroline must be able to create a Jabber account much easier - as it is today, Jabber requires knowledge of Jabber, which is a major obstacle.
This tool is not meant for desktop application development, but for mobile and embedded systems. If you need screenshots, then this tool is not for you :-)
The key to micropayments is to use existing customer relationships. Mobile phones are a good example - you can buy access to information or services by sending an SMS to a specific phone number. The payment comes onto your phone bill and everybody is happy.
I am currently involves in implementing micropayments for gaming services, and it works great.