Referencing: Wireless race for speed intensifies
It looks like it's getting closer: internet access as easy and ubiquitous as cell phone access.
I'm all for that, but it also probably means thousands more insecure, unprotected machines, which means even more spam for the rest of us. Gosh, you can't get people to buy hardware firewall routers now, they certainly won't pay the extra cost when "hooking up" is as easy as turning on their machine.
I suppose there is some hope from the news that AOL, Microsoft, Yahoo and Earthlink are at least trying to work together on this. Aside from limiting email sent by zombies, the base proposals are: (quote from above referenced article):
One method, backed by Microsoft, AOL and EarthLink, involves checking the address of an incoming e-mail against its numerical Internet identifier. It's the digital equivalent of the post office matching people's names with their registered home addresses -- if there's no match, the e-mail doesn't go through. The other method, backed by Yahoo, adds a unique digital signature, or key, to each outgoing message. The recipient's e-mail provider then matches the signature against another key to make sure it is authentic.
Neither idea is the full solution, but either could begin to cut down on spam. Voluntary registration could be the start of it: I'd tell some central authority that mail coming from me is legitimate if it originates from a particular isp. Some of us would need to authorize multiple isp's, but that's simple enough. If my software had the ability to add the digital signature that Yahoo suggests, I could do that instead. Of course, there's no immediate advantage to me - except perhaps stopping a few of the myriad forged messages that bounce around the internet. Because of the way that email works (it doesn't have to go through any intermediary at all), there will always be unsolicited mail coming to your machine.
But as more and more of us opted into these concepts, it would become easier and easier to say "I won't accept your email if it is outside of these parameters". That day wouldn't come for some time, so we'd need to encourage folks to join up. The large ISP's can of course insist that their customers do so, but the whole world doesn't run through AOL, MSN, Yahoo and Earthlink.
Perhaps one way to hasten acceptance and joining in would be to artificially delay "un-verified" mail - so mail that does pass authenticity tests speeds right along to its destination, but everything else gets held up for a bit. Mail filters could tell that had happened, so "verified" mail could be sifted to the top of your inbox - another encouragement for non-spammers to get themselves verified, id'd or whatever it takes. This delay could only be applied to mail going through the big guys, but that would cover a lot of people, and because that affects both the receiver and the sender, the sender would have incentive to be part of the process so their important messages wouldn't be delayed. The process spreads, and soon enough we could say "I accept no mail unless you are verified". A less draconian, but perhaps still effective way is to add a header tag to unverified mail - again so filters could bubble untagged mail upward.
Utopian dreams, no doubt. It will all get bogged down in politics and in-fighting, and we'll be seeing Viagra ads forever.
Got something to add? Send me email.
More Articles by Tony Lawrence © 2011-07-04 Tony Lawrence
The camel has evolved to be relatively self-sufficient. (On the other hand, the camel has not evolved to smell good. Neither has Perl.) (Larry Wall)