[lug] Getting mail out of the Qwest/MSN mire

Sean Reifschneider jafo at tummy.com
Sun Jul 9 13:54:46 MDT 2006 

On Sat, Jul 08, 2006 at 11:34:54PM -0600, Nate Duehr wrote:
>One could argue that mail servers running with all of these features  
>by professionals would make e-mail itself more professional.  There's  
>nothing keeping companies or individuals from running the "old"  

I've had this idea kicking around which I call "E-mail 2".  It's a direct
rip-off of "Usenet 2", if you are familiar with that.  The idea is that an
E-mail 2 message is defined as an e-mail which is sent from an E-mail 2
server.

The trick is that E-mail 2 servers are defined as mail servers which do not
send spam, probably by adhering to a strict anti-spam policy.  In Usenet 2
they call these "sound nodes".  A Usenet 2 node can only receive news from
another sound node, and if your node is abused you are defined as an
unsound node.

It can all be implemented without changing the protocols, so that's a win.
It could be done either with known IPs of E-mail 2 nodes, or using
SMTP+TLS.  Basically, a sender would put in the E-mail 2 header, and any
node along the way would remove that header if it received the message
from a non E-mail 2 host.  It could even be implemented as a DNSBL sort of
lookup, quite easily.

In other words, it's a way of detecting an AUP on the path that e-mail has
taken.  Instead of trying to track the identity of a sender, distinguish
e-mail which is known to follow best practices for blocking spam.

There are many down sides though.  First of all, how do you tell when a
node goes unsound?  Rely on reports from users?  I get hundreds of reports
from AOL users every month that mailing lists I *KNOW* use confirmed opt-in
are spam.  Without significant user education, this isn't going to work.

Also, many spammers (I think) honestly believe that some of their
recipients anxiously await their message, and that they should be allowed
to send it.  They will litigate and attack those who get in the way of it.
Anyone doing this would have to be well funded and quite diverse.

Your statements above reminded me of this idea.  I think it's more valuable
to try to enforce a strong AUP or similar than to try to track it to a
particular sending identity.  Spammers already are creating and stealing
identities for their messages...

Sean
-- 
 Fire at the celuloud factory.  No film at eleven.
                 -- _Kentucky_Fried_Movie_
Sean Reifschneider, Member of Technical Staff <jafo at tummy.com>
tummy.com, ltd. - Linux Consulting since 1995: Ask me about High Availability

More information about the LUG mailing list