[H-GEN] Email is broken... Really? How?
robert at timetraveller.org
Thu Feb 10 17:25:54 EST 2011
On Mon, 7 Feb 2011, Daniel Devine wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
> I recall a discussion 1+ years ago at HUMBUG in which it was said by somebody
> that "the Email system is basically broken". So far the only problem I see
Hi Daniel. I wouldn't necessarily say it is broken but you could say it
is showing its age.
There were all sorts of ways for spammers to exploit SMTP for their own
gain. As each exploit was discovered by the spammers the sysadmins &
developers of the world would move to block their path.
Until the mid 90s it was normal for all mail servers to all relay email
without restriction - it was expected that you would ask before relaying
large amounts of mail through someone elses servers.
SMTP (without crypto add-ons) is also extreely trusting about who sent the
email. More on this later.
Even more recently spammers would exploit the failure messages within SMTP
to produce 'backscatter spam'.
The problems were thus that SMTP arose in an era of trust and had to deal
with people who wanted to exploit common resources for their own personal
gain. These people have been a problem throughout history of course.
Widespread use of TLS would hit spammers hard. A major problem with spam
is identifying the spammers. If the sender of each email could be
verified through TLS then it would be much easier to deal with spammers.
Currently we need to try to identify them using secondary pieces of
information, like where they are sending the email from (source address).
TLS has been around for a long time and failed to see widespread uptake.
Email: robert at timetraveller.org Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Contributing member of Software in the Public Interest (http://spi-inc.org/)
Open Source: The revolution that silently changed the world
More information about the General