Another Idea For Stop Spam: Don't Send Mail Until It's Requested
from the hang-onto-it-for-a-bit... dept
Here comes yet another idea for stopping spam that takes a slightly different take on things. Rather than trying to block spam later down the road, the idea is to simply leave email messages on the sender’s hard drive or mail server (which one isn’t entirely clear, but mail server makes much more sense) and only have it sent when it’s asked for. It’s not explained how someone knows to ask for it, but it’s likely that a subject line or some bit of info is sent earlier. You can go over the why your anti-spam method doesn’t work checklist to come up with responses, but it’s unclear if this really would do anything at all. First, if you’re still being alerted to spam, you’d still have to delete it from your inbox. Most people never open spam anyway and delete it from the subject line, so it’s unclear how the experience would be that different (okay, maybe a bit less network congestion). Second, it would still require some pretty massive changes to email systems, which could definitely hinder adoption. Finally, with so much spam coming from zombie machines, why would spammers care where the spam messages sit?
Comments on “Another Idea For Stop Spam: Don't Send Mail Until It's Requested”
This is ancient
D. J. Bernstein proposed the same basic concept as Internet Mail 2000, about three years ago.
Spam - a much easier solution
I have one email account. I get ZERO spam. How you ask? My server rejects ALL senders not on my “white list”. Checking the senders IP, address spoofing doesn’t get thru. When I deal with vendors/companies/governments I take the few minutes to enter them into the white list. It’s been over a year and I’ve recv’d a total of 4 (yes 4) unwanted emails (then refined my reverse IP check to block that loophole). Very very few email users need to have a open email account, and the few that do should go to a web form then whitelist method. SPAM would be stopped in a few months if more people would adopt this method. Trust me, you won’t miss it. For the naysayers who say “what if I miss some important email message” – I say, if it’s that important there’s the phone, cell phone, snail mail, faxes, personal visits, etc.
Re: Spam - a much easier solution
That’s fine for you, what about for doing business?
Individuals and companies whose customers contact them via email need to accept email from previously unknown sources — if you want to stay in business, you don’t force new customers to jump through hoops in order to contact you.
Re: Re: Spam - a much easier solution
Much as it may suck, doing all business via first contact web forms has done wonders. Basically setup everything so that no email addresses are present on a web site, and everything is handled through a web form, so that even a view source does not reveal the destination email address.
Re: Re: Spam - a much easier solution
I do run a business, and as I stated in my post, for blind first contacts, I have a web form, which then feeds my white list if the contact is legit. Customers/Clients are forced to jump thru all types of hoops, all the time, in normal business, so making them use a “first contact” method that prevents SPAM is no big deal. Trust me, if your potential client whines at using a SPAM prevention tool (and has to use said tool only one time) they aren’t worth having as a customer.
It might work, but...
I have my doubts about this approach. The problem is that the
sender still has to send out a notifications to the recipient and
while this uses a lot less bandwidth than sending the whole message,
it doesn’t do anything about the problem of finding the one legitimate
message in your spam-filled inbox.
Currently, I use bogofilter and it does an okay job. But to use it on
a sender-stores system, I’d first have to download every notification
anyway and there goes the bandwidth savings. Also, it means the
sender knows I downloaded his message. Combine that with the
lower cost of sending notifications and dictionary attacks become a
lot more useful to spammers.
Granted, having the message reside on a fixed server might make
it possible to shut down a spam before it makes any money. However, I
can think of several dodges around that. You could use hacked PCs on
broadband networks or servers in countries that are hard to reach
legally or socially. You could claim that yes, the spam message was
yours but you only sent notifications to a couple of thousand people
on your mailing list and the rest are the result of some rogue
Also, it would require throwing away the entire existing
e-mail infrastructure and replacing it with this. So no, I don’t
think it’ll happen