[H-GEN] Email is broken... Really? How?

Robert Brockway robert at timetraveller.org
Thu Feb 10 17:25:54 EST 2011 

On Mon, 7 Feb 2011, Daniel Devine wrote:

> [ Humbug *General* list - semi-serious discussions about Humbug and     ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> I recall a discussion 1+ years ago at HUMBUG in which it was said by somebody 
> that "the Email system is basically broken". So far the only problem I see

Hi Daniel.  I wouldn't necessarily say it is broken but you could say it 
is showing its age.

There were all sorts of ways for spammers to exploit SMTP for their own 
gain.  As each exploit was discovered by the spammers the sysadmins & 
developers of the world would move to block their path.

Until the mid 90s it was normal for all mail servers to all relay email 
without restriction - it was expected that you would ask before relaying 
large amounts of mail through someone elses servers.

SMTP (without crypto add-ons) is also extreely trusting about who sent the 
email.  More on this later.

Even more recently spammers would exploit the failure messages within SMTP 
to produce 'backscatter spam'.

The problems were thus that SMTP arose in an era of trust and had to deal 
with people who wanted to exploit common resources for their own personal 
gain.  These people have been a problem throughout history of course.

Widespread use of TLS would hit spammers hard.  A major problem with spam 
is identifying the spammers.  If the sender of each email could be 
verified through TLS then it would be much easier to deal with spammers. 
Currently we need to try to identify them using secondary pieces of 
information, like where they are sending the email from (source address).

TLS has been around for a long time and failed to see widespread uptake.

Cheers,

Rob

-- 
Email: robert at timetraveller.org		Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Web: http://www.practicalsysadmin.com
Contributing member of Software in the Public Interest (http://spi-inc.org/)
Open Source: The revolution that silently changed the world

More information about the General mailing list