The problem with all of these initiatives is that you can't count on everyone signing on. It's like encrypted E-mail. Two technological solutions have been out there for years, but they've both achieved insignificant market penetration. So anyone who had a policy of denying unsigned mail would find that he blocks all the spam ... and 99% of legitimate E-mail too.
"It's not evil for God to do it. Or for someone to do it at God's command."- Jonathan Boyd on baby-killing
"you guys are fascinated with the use of those "rules of logic" to the extent that you don't really want to discussus anything."- GC
"I do not believe Russian Roulette is a stupid act" - Embracer of Darkness
"Viagra commercials appear to save lives" - tharkûn on US health care.
Darth Wong wrote:The problem with all of these initiatives is that you can't count on everyone signing on. It's like encrypted E-mail. Two technological solutions have been out there for years, but they've both achieved insignificant market penetration. So anyone who had a policy of denying unsigned mail would find that he blocks all the spam ... and 99% of legitimate E-mail too.
Well, instead of deleting unsigned email, could you just whitelist all the correctly signed stuff and then run a standard battery of filters on the rest?
Darth Wong wrote:The problem with all of these initiatives is that you can't count on everyone signing on. It's like encrypted E-mail. Two technological solutions have been out there for years, but they've both achieved insignificant market penetration. So anyone who had a policy of denying unsigned mail would find that he blocks all the spam ... and 99% of legitimate E-mail too.
Well, instead of deleting unsigned email, could you just whitelist all the correctly signed stuff and then run a standard battery of filters on the rest?
Which leaves us basically where we are now. You could easily set up a whitelist on known E-mail addresses right now since most "spoofed" E-mail addresses will be someone other than the virus writer, but not someone you actually know. The solution won't work.
The only solution which would work is to go Roman. Crucify a few spammers in public, and the rest will get the message.
"It's not evil for God to do it. Or for someone to do it at God's command."- Jonathan Boyd on baby-killing
"you guys are fascinated with the use of those "rules of logic" to the extent that you don't really want to discussus anything."- GC
"I do not believe Russian Roulette is a stupid act" - Embracer of Darkness
"Viagra commercials appear to save lives" - tharkûn on US health care.
Darth Wong wrote:Which leaves us basically where we are now. You could easily set up a whitelist on known E-mail addresses right now since most "spoofed" E-mail addresses will be someone other than the virus writer, but not someone you actually know. The solution won't work.
True, but what if this sees widespread implementation? Microsoft seems pretty gung-ho about their ECID and Yahoo likes their DK -- and the two of them are responsible for a lot of e-mail. Wouldn't that avoid the Catch-22 that you postulated earlier?
The only solution which would work is to go Roman. Crucify a few spammers in public, and the rest will get the message.
IIRC, there was actually a hit on one spammer some years back
Darth Wong wrote:The problem with all of these initiatives is that you can't count on everyone signing on. It's like encrypted E-mail. Two technological solutions have been out there for years, but they've both achieved insignificant market penetration. So anyone who had a policy of denying unsigned mail would find that he blocks all the spam ... and 99% of legitimate E-mail too.
You can if the US, Canadian and EU governments agree to some legislation on this. It isn't as unlikely as you might initially think either, after the tremendous success and popularity of the Do-not-Call list, the US Government has been holding comittee meetings about how to eliminate e-mail spam and there has been plenty of talk about leglislation to this effect.
If the US does decide to go that route, the EU and Canada will have to pretty much go along with it as the US still has the majority of control over the internet backbone.
AdmiralTDM wrote:Besides anti-spam filters are getting better and better everyday!
Spam filters are a bandaid on the problem. They handle the symptoms, not the cause.
The problem isnt you are recieving spam, but the spam is being sent to you.
"Okay, I'll have the truth with a side order of clarity." ~ Dr. Daniel Jackson.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
I like phongn's idea, but would this be acceptable also?
2 main e-mail entry areas:
1) approved address area
2) general
The approved address area goes through all e-mails received, and the ones that have a return header from someone on your 'approved' list, are put in here. All others go to the general area.
The general area wil store all the e-mails received, until your box gets over the limit, and will then bounce all others.
You can add an address to the approved list, and all further e-mails from that address go to the selected area. A polite option would be to also put all e-mails from the approved address into the approved area as well.
If you remove an address from the approved list, e-mails from that address from then on would go to the general list.
Sound good?
I will admit, it doesn't have as much flair as the Roman method, but it is quieter, on the receiving end.
That's similar to what you can do with programs like Eudora. Set up different folders for different types, including one that is just a list of approved e-mail addresses.
Tribun wrote:Billyboy only wants to grab money and size now control of the e-mail market.
So nothing really new.
I see that you appear to be incapable of reading the article.
Sharp-kun wrote:What about Yahoo? Most things I've read have had them being the main party in this.
Yahoo wants to digitally sign your headers to determine if the spam is from a spoofed address or not.
neoolong wrote:That's similar to what you can do with programs like Eudora. Set up different folders for different types, including one that is just a list of approved e-mail addresses.
Exactly. Whitelisting is a very old tactic; one thing I do is to block all mail that is not specifically addressed to me except which is already on my whitelist (so that I can handle mailing lists that use BCC).