Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Communications Security IT

Why Public Email Needs a Police Force 133

jfruhlinger writes "Those of us who had email addresses in the early days of the Internet age remember sending notes to webmaster email addresses to report malicious email behavior — and actually getting a response back. But today, a huge majority of mail comes from public services like Gmail or Yahoo mail, and getting anyone at those companies to take responsibility for abusive users is nearly impossible. 'If they could agree on a third-party service that could be the receptacle on a 24/7 basis for rapid account suspension, the 419 Fraud problem might dwindle down to a trickle quickly. It would take trust among the email providers to do this, but it would also alleviate big problems that law enforcement officials are usually unable to handle. Call them the email cops.'"
This discussion has been archived. No new comments can be posted.

Why Public Email Needs a Police Force

Comments Filter:
  • by Anonymous Coward on Saturday July 30, 2011 @01:10PM (#36934028)

    So now you can ACTUALLY report people to the cyber police?

    • Yes you can, and just like the IRL police... it doesn't mean that anything will happen.
      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Unless the person who is looking for help is friends with the police, then something will happen even if the accused didn't even come close to doing anything wrong.

    • by khasim ( 1285 ) <brandioch.conner@gmail.com> on Saturday July 30, 2011 @02:02PM (#36934374)

      He's focusing on 419 scams. He wants an instant (or almost instant) way to shut down the accounts that the 419 scammers use.

      Which means either an automated system (yeah, how'd you like your account killed because of something you posted on /. that someone took offense to)
      or
      A staff monitoring the abuse@ and postmaster@ accounts for the various email systems around the clock, every single day.

      And what would this accomplish?
      It would save the gullible people from themselves. Maybe. As long as the scammers didn't target their emails with enough different reply_to addresses to bypass this.

      I'm not getting a very good feeling for this guy's technical credentials.

      • by plover ( 150551 ) *

        Because we know the government should be babysitting our email. They should protect us from having to click delete on advertising that might trick us. "Please, o benevolent governments of the world, save us from being stupid."

        His technical credentials may be crap, but he'll have a hard time flushing those away as his morals have filled the septic tank.

        • And when those idiots click on those links and get infected by a botnet virus they just add to the spam and other crap using up bandwidth on the internet and clogging up your mailbox.
          • by plover ( 150551 ) *

            So I'm supposed to give up my privacy because idiots get viruses? That's attacking the wrong problem.

            Secure the failing systems, or if they can't be secured, the ISP's should isolate them until they stop emitting spam or other automated attacks. But the problem's not with my email.

      • Re: (Score:2, Troll)

        by Doctor_Jest ( 688315 )

        I think we're getting entirely too concerned with protecting people from themselves. This is an innocuous method for protecting the morons, but there have been other proposals that are much more sinister (and not even remotely helpful to anyone but corporations and governments..)

        The automated system sounds more palatable to people who hate the free speech that the internet gives certain demographics. :)

      • by Max_W ( 812974 )
        Actually he is right in one thing - only human inventiveness can confront human inventiveness. It is not possible to overcome spam only with technical measures. As example, during WW2 Nazis tried many techniques to automate guarding prisoners in concentration camps: mines, dogs, wires under voltage, but prisoners watched out and noted meticulously location of mines, feed dogs to get friendly with them, electricians among prisoners taught others to play electricity wires, etc. The conclusion of the resear
    • Who comes up with these stupid fucking ideas? How would these email police stop Russian or Chinese spammers? How would it prevent spam being spread by botnets? To put it bluntly the author is a fucking retard.

      • The spam I get uses forged headers anyway, and was sent from botnets.

        So even if abuse@(yahoo|gmail|hotmail|whatever) would cooperate, there is nothing they can do about a bot sending directly to the recipient's server with a fake From: header.

        All this plan could accomplish would be to suspend perfectly innocent email accounts from people who were unlucky that their address was used in spam headers.

        • The spam I get uses forged headers anyway, and was sent from botnets.

          So even if abuse@(yahoo|gmail|hotmail|whatever) would cooperate, there is nothing they can do about a bot sending directly to the recipient's server with a fake From: header.

          Almost all the spam I receive (but there's damn little of it) also has forged headers, usually including the From:, Return-path: and Received: fields, and often an X-Originating-IP: field also. However, a perusal of the headers usually reveals the true origin of the spam, usually an IP address in China or the US, or some compromised mail server. If you learn to parse the headers, you can usually spot where the spam really originated, even if the header contains a number of forged fields...

      • Yep, most likely a retard who fell for some internet scam. :-)

    • by Anonymous Coward

      PULL OVER POSTER

      I am an IRC COP.

      Do you know you were downloading at 5Mb/s in a 2 Mb/s zone?!

      Also, your hard drive activity light is busted, son. *smash*

    • Even to postulate such a thing as cyberpolice for email shows the utter moronic mindset of those making the suggestion or agreeing to it.

      First we already have laws covering it. Second it is akin to giving poice authority to the illiterate. How on earth can we trust anyone willing to support the likes of ACTA or the PROTECT IP Act. Utter morons. All of them.

  • by symbolset ( 646467 ) * on Saturday July 30, 2011 @01:10PM (#36934030) Journal

    Your post advocates a

    ( ) technical ( ) legislative ( ) market-based ( ) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    ( ) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the money
    ( ) It is defenseless against brute force attacks
    ( ) It will stop spam for two weeks and then we'll be stuck with it
    ( ) Users of email will not put up with it
    ( ) Microsoft will not put up with it
    ( ) The police will not put up with it
    ( ) Requires too much cooperation from spammers
    ( ) Requires immediate total cooperation from everybody at once
    ( ) Many email users cannot afford to lose business or alienate potential employers
    ( ) Spammers don't care about invalid addresses in their lists
    ( ) Anyone could anonymously destroy anyone else's career or business

    Specifically, your plan fails to account for

    ( ) Laws expressly prohibiting it
    ( ) Lack of centrally controlling authority for email
    ( ) Open relays in foreign countries
    ( ) Ease of searching tiny alphanumeric address space of all email addresses
    ( ) Asshats
    ( ) Jurisdictional problems
    ( ) Unpopularity of weird new taxes
    ( ) Public reluctance to accept weird new forms of money
    ( ) Huge existing software investment in SMTP
    ( ) Susceptibility of protocols other than SMTP to attack
    ( ) Willingness of users to install OS patches received by email
    ( ) Armies of worm riddled broadband-connected Windows boxes
    ( ) Eternal arms race involved in all filtering approaches
    ( ) Extreme profitability of spam
    ( ) Joe jobs and/or identity theft
    ( ) Technically illiterate politicians
    ( ) Extreme stupidity on the part of people who do business with spammers
    ( ) Dishonesty on the part of spammers themselves
    ( ) Bandwidth costs that are unaffected by client filtering
    ( ) Outlook

    and the following philosophical objections may also apply:

    ( ) Ideas similar to yours are easy to come up with, yet none have ever
    been shown practical
    ( ) Any scheme based on opt-out is unacceptable
    ( ) SMTP headers should not be the subject of legislation
    ( ) Blacklists suck
    ( ) Whitelists suck
    ( ) We should be able to talk about Viagra without being censored
    ( ) Countermeasures should not involve wire fraud or credit card fraud
    ( ) Countermeasures should not involve sabotage of public networks
    ( ) Countermeasures must work if phased in gradually
    ( ) Sending email should be free
    ( ) Why should we have to trust you and your servers?
    ( ) Incompatiblity with open source or open source licenses
    ( ) Feel-good measures do nothing to solve the problem
    ( ) Temporary/one-time email addresses are cumbersome
    ( ) I don't want the government reading my email
    ( ) Killing them that way is not slow and painful enough

    Furthermore, this is what I think about you:

    ( ) Sorry dude, but I don't think it would work.
    ( ) This is a stupid idea, and you're a stupid person for suggesting it.
    ( ) Nice try, assh0le! I'm going to find out where you live and burn your
    house down!

    craphound.com [craphound.com]

    • by 1s44c ( 552956 ) on Saturday July 30, 2011 @01:17PM (#36934082)

      Your post advocates a

      ( ) technical ( ) legislative ( ) market-based (X) vigilante

      approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

      ( ) Spammers can easily use it to harvest email addresses
      ( ) Mailing lists and other legitimate email uses would be affected
      ( ) No one will be able to find the guy or collect the money
      ( ) It is defenseless against brute force attacks
      ( ) It will stop spam for two weeks and then we'll be stuck with it
      (X) Users of email will not put up with it
      ( ) Microsoft will not put up with it
      ( ) The police will not put up with it
      ( ) Requires too much cooperation from spammers
      (X) Requires immediate total cooperation from everybody at once
      ( ) Many email users cannot afford to lose business or alienate potential employers
      ( ) Spammers don't care about invalid addresses in their lists
      (X) Anyone could anonymously destroy anyone else's career or business

      Specifically, your plan fails to account for

      ( ) Laws expressly prohibiting it
      (X) Lack of centrally controlling authority for email
      (X) Open relays in foreign countries
      ( ) Ease of searching tiny alphanumeric address space of all email addresses
      ( ) Asshats
      (X) Jurisdictional problems
      ( ) Unpopularity of weird new taxes
      ( ) Public reluctance to accept weird new forms of money
      ( ) Huge existing software investment in SMTP
      ( ) Susceptibility of protocols other than SMTP to attack
      ( ) Willingness of users to install OS patches received by email
      (X) Armies of worm riddled broadband-connected Windows boxes
      ( ) Eternal arms race involved in all filtering approaches
      (X) Extreme profitability of spam
      ( ) Joe jobs and/or identity theft
      (X) Technically illiterate politicians
      ( ) Extreme stupidity on the part of people who do business with spammers
      ( ) Dishonesty on the part of spammers themselves
      ( ) Bandwidth costs that are unaffected by client filtering
      ( ) Outlook

      and the following philosophical objections may also apply:

      (X) Ideas similar to yours are easy to come up with, yet none have ever
      been shown practical
      ( ) Any scheme based on opt-out is unacceptable
      (X) SMTP headers should not be the subject of legislation
      (X) Blacklists suck
      ( ) Whitelists suck
      ( ) We should be able to talk about Viagra without being censored
      ( ) Countermeasures should not involve wire fraud or credit card fraud
      (X) Countermeasures should not involve sabotage of public networks
      ( ) Countermeasures must work if phased in gradually
      ( ) Sending email should be free
      (X) Why should we have to trust you and your servers?
      ( ) Incompatiblity with open source or open source licenses
      ( ) Feel-good measures do nothing to solve the problem
      ( ) Temporary/one-time email addresses are cumbersome
      (X) I don't want the government reading my email
      ( ) Killing them that way is not slow and painful enough

      Furthermore, this is what I think about you:

      (X) Sorry dude, but I don't think it would work.
      ( ) This is a stupid idea, and you're a stupid person for suggesting it.
      ( ) Nice try, assh0le! I'm going to find out where you live and burn your
      house down!

  • postmaster@ (Score:5, Informative)

    by 1s44c ( 552956 ) on Saturday July 30, 2011 @01:11PM (#36934042)

    Those of us who had email addresses in the early days of the Internet age remember sending notes to webmaster email addresses to report malicious email behavior

    Webmaster@ will get you the webmaster.
    Postmaster@ will get you the postmaster.

    They might be the same person but the RFC states these address have to resolve to a human. If they don't with gmail, yahoomail, or whatever they these sites should be listed on rfc-ignorant.

    Email police? No, won't work. What happened to that standard spam solution form slashdot used to use?

    • by Anonymous Coward

      Neither of those are necessarily set up. It doesn't matter what RFCs state, the people responsible for servers don't have to bother handle email coming in, and many obviously don't. Try emailing them sometime, count the bounces.

      • by 1s44c ( 552956 )

        Neither of those are necessarily set up. It doesn't matter what RFCs state, the people responsible for servers don't have to bother handle email coming in, and many obviously don't. Try emailing them sometime, count the bounces.

        It matters for everyone who sets up mail servers correctly. If I find a big domain has a broken postmaster@ address I submit it to rfc-ignorant and mail whatever contact address I can find at that domain. You are right about them not caring, I rarely get a reply and when I do it's often from someone with no technical skills.

    • If I had a dollar for every item of spam sent to postmaster, webmaster, and yes even abuse @ every domain for which I host e-mail, I probably could buy a seat in the US Senate. At least in the House. Sorry, but those addresses go to /dev/null; I am humanly unable to comply.

      I wish it were still the 1980s, when "the RFC states" meant something, a mostly-benign cabal held sway over the backbone, and a person or company could conceivably get kicked off the internet (and make it stick for a while) if it was cl

    • Here is the rfc in question: http://tools.ietf.org/html/rfc5321 [ietf.org]

      It requires the server to accept mail for postmaster, it does not require it to deliver it to anyone.

    • by shtrom ( 1251560 )

      The RFC you mention is 2142 http://tools.ietf.org/html/rfc2142 [ietf.org].

      Another one which is worth mentioning here is the much more recent RFC 5965 http://tools.ietf.org/html/rfc5965 [ietf.org] which describes a format for email reports which could both be human- or machine-read. This could help speed up the processing of the complaints, and cluster those about the same address.

      However, the big problem would be to get operators to actually use these formats, cooperate, or recognise an external auditing entity.

  • no it dont (Score:4, Insightful)

    by JonySuede ( 1908576 ) on Saturday July 30, 2011 @01:13PM (#36934048) Journal

    enough with the voluntary fascism.

  • by Anonymous Coward

    Do police actively monitor normal mail? No? Well why the hell would they bother with email. There are already solutions in the market for things such as spam and fraud. Having an "email police" won't change anything considering how friggin easy it is to spoof emails as well as zombie networks (why do people bother trying to propose "solutions" when they don't even fully understand the technical problems). If anything, this would only increase abuse as well as reduce privacy.

    Hmm, maybe that is the point of t

  • by Anonymous Coward

    ...we get email tazers, email guns and email beatdowns.

    And how did I manage to get through the BBS days through today without being bothered by spam. In fact, my only interaction with a spammer lead to a happy transaction to get some nice valium. I would settle for bring those days back.

  • Without doubt the most stupid thing on slashdot today. So far.

  • by sneakyimp ( 1161443 ) on Saturday July 30, 2011 @01:25PM (#36934142)

    It's a lot easier to put giant IP blocks on your ban list for countries like China, Cyprus, and any country at all in Africa. Of course I realize that's fairly racist and geo-centric, but the "policing" alternative just isn't feasible because it's a slippery process which would require enormous volumes of man power. There needs to be an automated mechanism. I was thinking that gmail/hotmail/yahoo/whoever could auto-append a "flag this as spam" link to all emails which users could click. This would allow email providers to know exactly which user sent it and which message it was and dramatically streamline the process or complaint rather than forcing someone to parse email headers and sort it all out. Additionally it would offer very structured data for spam complaints that would facilitate algorithmic analysis to determine whether a ban (or just throttling) might mitigate and/or outright solve the problem.

    But then again, this system could also be abused.

    I think what the author of the article intended was not necessarily to improve spam control but actually to being law enforcement into the issue. Unfortunately, the article is rather poorly written and seems vague and diffused. I tend to concur that more legal punishment should be involved in the realm of scams and spamming.

    • Banning all of Latvian and Russian ips have reduced the number of random exploit hammerings on my servers by 99%

      Sad but true... and I dont have any users (and dont plan on getting any) from those countries anyway so why not :p

      • I just had the luxury of doing that on one of the networks I run. We block all countries but the handful that are the customers. The product is very US-centric, and has some pretty serious security concerns. It's not TS/SCI level, but it's higher than a bank.

        When we blocked all but a dozen "good" countries (countries where customers have been known to access from legitimately and/or have branch offices), brute force attempts dropped down to almost nothing. Spam dropped dow

        • Yeah, this kind of blocking is causing those countries to become "outcasts" on the net.

          Quite unfortunate, but that is how it goes. Hopefully the amount of crap coming out of those countries will drop as they become more stable.

    • "Of course I realize that's fairly racist and geo-centric,"

      It's not racist. Only idiots would perceive it that way.

      It IS geocentric, but who gives a fuck? I don't owe ANYONE permission to send me unsolicited email. It's all about me and fuck you, end of story.

      You can already flag webmails as Spam. I'd like a "blacklist IP block" option so I never see most of them in the first place.

  • yeah... no.
    We don't need an internet police, another organisation susceptible to politic bickering, bribes, ect.
    What we need is a better, more secure way of handling certain types of traffic.

  • Yahoo and Gmail are NOT public services! They are services that are owned and operated by corporations, not the government. Public services mean services provided by the government, like the postal service. Don't try and make it seem like email is a public service. It's not.
  • Whoever runs this 'service' needs to be paid.

    So just keep it where it belongs, with the postmaster@*, that way the better policed operation will eventually be the most economical and successful.

  • like facebook, g+ or whatever.

    you obviously don't want email protocol but a closed garden, maybe you'd like people to submit passport photos for access too along with proof of their career, housing, address and sexuality.

    419 fraud or personalised nigeria letters would still happen in that closed garden of yours.

  • Abuse.net seems to be trying to move away from it, but they still offer a single-point reporting service where you can forward spam from $DOMAIN to $DOMAIN@abuse.net and they'll forward to whatever the best contact is that they know of at $DOMAIN.
    "Once you've registered, when you send a message to domain-name@abuse.net, where domain-name is the name of the domain that was the source of junk e-mail or another abusive practice, the system here automatically re-mails your message to the best reporting address(

    • by azoblue ( 842509 )
      spamcop.net does much the same thing, and offers several other services as well.
      • I've been using spamcop for almost 10 years now. I only ever get a response from a postmaster/admin maybe once every few months (with ~20 reports/day sent) though I do it with hopes to have a spam-free day someday. Maybe it's just spam networks cycling like the seasons. Lately a great number of them seem to be coming from some indian company tatacommunications, It would appear that they don't care that they are a large proponent of my spam.
        • There are far too many assholes that use spamcop to flex their e-peen and put others through the horror of getting off of various block lists.
  • If that gets implemented anyone can pretty much get anyone they want banned from email.

    a single email from 200 or 300 of the machines in a botnet could get you banned in an instant and the mail-cops would never figure it out.

    And before you say it will stop the botnets, they would just get bigger and post fewer emails per zombie so it wouldn't affect them either.

  • Your post advocates a

    ( ) technical (X) legislative ( ) market-based ( ) vigilante

    approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

    ( ) Spammers can easily use it to harvest email addresses
    ( ) Mailing lists and other legitimate email uses would be affected
    ( ) No one will be able to find the guy or collect the mone

  • It's an interesting idea, but how would it be funded? Almost like a postal service for the internet. I'm trying to think of a value added service that would make users and ISPs want to sign up with the internet post office and can't think of one. There would have to some kind of fee to fund the agency and I'm not sure a reduction in spam would be enough incentive.

    If the major service providers told people they had to register with the internet post office before they could send mail, how do you enforce

  • Account suspension (Score:4, Interesting)

    by Adrian Lopez ( 2615 ) on Saturday July 30, 2011 @02:00PM (#36934356) Homepage

    "Rapid account suspension" as opposed to more deliberative approaches to account suspension? What could possibly go wrong?

  • Let the market sort it out. People who are stupid enough to get swindled out of their money will soon not be able to afford internet anymore, reducing the number of people too stupid to use it. Ahh, ain't darwinism a great thing?

    No, seriously. I don't quite get it why people who combine the insanely useful traits of greed and stupidity in one person should get any protection from having both exploited. Sorry, but my pity with people who turn off their brain when facing a computer is very, very limited.

  • This will clearly work, because we know that no one would ever make accusations in bad [wikipedia.org] faith [wikipedia.org].
  • I would rather not have my email under the control of a 3rd party.

    if i'm stupid enough to fall for a 419, then i deserve it.

    • by Anonymous Coward

      The key to a 419 scam is that you trust when someone tells you something that is supposed to make your life a lot better, but it's not true.

      This email plan is supposed to make our lives a lot better, and for it to work we just have to trust the authors or the owners of some central email servers...

  • by bcrowell ( 177657 ) on Saturday July 30, 2011 @02:25PM (#36934500) Homepage

    Gmail and yahoo both sign all outgoing messages cryptographically using dkim. That means that if you get a spam claiming to be from one of their accounts, you can verify that it really is from such an account. Once you've done that, you can report it: gmail [google.com], yahoo [yahoo.com]. So if the author of TFA is complaining that this can't be accomplished by sending email to abuse@gmail.com or postmaster@gmail.com, then I suppose he has a valid complaint that they're not complying with RFCs...but...that's the way it is. It's not the end of the world. Gotta use a web interface instead. Boo hoo.

    The author of TFA is upset that he can't get spamming accounts shut down instantly, 24/7. I actually don't really want an internet where any random person can get my ability to send email shut down instantly. What if it's a joe-job? What if the complaint is from one of these people who just clicks on "spam" when they don't want the mail, even when it's not spam? A much better way to handle this is to limit the number of messages per hour that can be sent from a newly created account. Then if it takes a day, or three days, to shut down a spam account, the consequences aren't that bad; the spammer can't use the account to send a million emails in 24 hours. I assume that gmail and yahoo already do this kind of rate-limiting.

    What would be a huge improvement would be if the remaining big email providers other than gmail and yahoo would start using dkim. Once dkim becomes universal, we can establish actual reputations for people as spammers or non-spammers.

    Virtually all the spam I get these days is from small domains. Recent examples include education-portal.com, spacesaver.com, and mg-style.net. The solution proposed by the author of TFA is to bug education-portal.com to respond to email sent to abuse@education-portal.com by deactivating jones@education-portal.com. Um, that isn't going to work, because jones works for education-portal.com, and they want him to spam me. The solution is to make dkim universal enough that people can stop accepting mail from domains that don't dkim-sign. Then education-portal.com can get an online reputation as a spammer, and everyone can start blocking them in their spam filters.

    • What if the complaint is from one of these people who just clicks on "spam" when they don't want the mail, even when it's not spam?

      If I clicked on the spam button, it's spam. I don't care why you think we have a business relationship. We don't, I'm not interested.

      If I buy a product online and have to register I *always* untick any "send me product updates" checkbox. If you didn't ask that question, you have no permission to send me any emails, and are thus sending me spam.

      • by gnud ( 934243 )

        It's nice that you always remember which buisnesses are allowed to send you newsletters.

        Don't you think it's plausible that someone signs up for a newsletter, and when they get it 3 weeks later have forgotten, and mark it as "spam"? Wouldn't that be a problem with the suggested anti-spam system, especially for smaller buisnesses?

      • It matters not one bit about what you think is spam. It really isn't all about you.

        There are some people, and some I know that consider spam as anything they don't want to see. They might say that my first sentence is spam. Any posts they agree with are okay. none they don't. A mail list I run had a person who posted a tasteless and stupid political screed. I had several requests to "get rid of the spam that was taking over the list". One post, and it wasn't spam, just stupid. I contacted the person invo

    • A much better way to handle this is to limit the number of messages per hour that can be sent from a newly created account. Then if it takes a day, or three days, to shut down a spam account, the consequences aren't that bad; the spammer can't use the account to send a million emails in 24 hours. I assume that gmail and yahoo already do this kind of rate-limiting.

      That wouldn't work very well. The spammer would just sign up for a lot of email accounts instead. Or rent a server, linode is like $20 for a month, and I bet you can send a lot of spam before it is shut down.

  • And after some time, who would stop this 3rd party "police" from buckling under pressure from governments/corporations and start scanning all email accounts for other "unfit", "inappropriate" and "potentially harmful" content and banning accounts on a whim? Thanks, but no thanks.
  • Just give me the top authority and immunity from any civil or criminal litigation!

    No problem

    Hotmail, Yahoo, Gmail, AIM (amongst others) are all going to get real mad when their mail all goes in the scrapper.

    Then users will be mad that their mail gets dumped because their service is lame.

    Then I will be out of a job.

    ENFORCE the laws and regs in place, that's not going to happen either, as there is no money to be made (or tangibly saved) by doing so.

    Useless laws and regs with no teeth and too many wormy lawyer

  • Sorry but the protocol was never built for this and whilst it has had people add protocols for securing and signing data and verifying identity only limited people really use them.

    If you can't prove an identity then the emails are just bits on the wire. You might as well take people to court for the dust they create.
  • Email is SMTP. There is no practically way to police it like the article describes. The author simply doesn't know how email works. What we need is a new message standard. An Advanced Mail Transfer Protocol. It should include:
    1. Encryption system where mail server publish the public keys. Mail server can also hold the recipient private key. This way an email can easily be signed. My server can check signature to see if the mail really comes from whoever says is the sender.

    2. Approved senders AKA friends req

  • You know, anyone who hasn't been around long enough to have an email address ending in .ARPA really should just STFU and stop proposing ridiculous nonsense like this. Not only is it highly annoying to be exposed to idiocy of this magnitude, but it distracts from measures that have actually been proven -- repeatedly -- to work.
  • Setup your spam filters and not worry about it.

  • How long would it before people use the service to get emails banned from people they don't like??

  • This suggestion -- promptly killing someone's E-mail account without giving them time to defend themselves -- is a recipe for denial of service. All I have to do is file a complaint against someone I don't like. Zap. They have no E-mail. I don't have to prove my complaint is valid.

    Hmm. Someone running a botnet could quickly eliminate all E-mail for a nation. Cyberwar!!

  • ... with the grammar division, on their SWAT team.

  • Does TFS mean the "419 entertainment service". Where entertainingly pathetic "Ningerian" desperados send entertainingly badly written offers of entertainingly implausible fiscal improprieties to us for our entertainment. There's an alternative form of this too, which is laughing uproariously at the Darwin-Award level of gullibility of the small proportion of people who fall for these, and the inverse of the "419-eater" blood sport.

    419 fraud isn't a problem, it's a never-ending source of hilarity.

  • Use a debian spam filter [pair.com] with zen.spamhous [spamhaus.org] as the rbl and things will be nice and quiet.

  • Odds are, sending an email to the webmaster about email issues would get you a "not my job" response in any era. The address you're thinking of is "postmaster," subby.

Whoever dies with the most toys wins.

Working...