[this was spurred on by Pudge's journal posting and in the end, I decided to make it a new journal entry rather than a reply, so as to elicit more comment.]
Gentlemen, the time has come.
The time is in fact long since past, but intertia and whatnot.
It's plain, clear, and obvious to me that some people simply cannot be trusted not to abuse an open standard. (i.e one of openness and trust)
Thus we see spammers exploiting open relay servers, and the like.
It seems to me that the problem is no longer the spammers or the companies that hire them.
The problem is and remains the seriously outdated trustful mail transport system we all know as e-mail. It is no longer viable as a medium of trusted communication with individuals and organizations electronically. It is time to scrap it.
It is time to scrap it completely, and replace it with something more secure, with tighter and more stringent standards.
And then simply *IMPLEMENT* it as widespread as possible. And leave behind ANYONE not switching to the new system.
It will not be compatible with existing e-mail software or transport agents. All of these will need to be rewritten. WHY? It's obvious if you think about it.
It is the ONLY way to get some lazy admins to implement security and secured communication between client and server. Leave them in the dust, if they do not. I have been pushing comcast for a *long* time, to have encrypted connection and security between the user and the mailserver, PARTICULARLY due to the party-line nature of comcast cablemodem networking. They "can't be arsed" in the vernacular, and it's a source of extreme irritation.
Something must be done, and it is no longer this race to keep up that we and the worldwide mailservers are slowly LOSING because of innefective standards and enforcement. Plus a zillion homebrewed solutions that don't combat the problem itself but merely enact a holding action against abusers of the problem.
registry, without which you CANNOT send e-mail. once registered, abuse gets you REMOVED. (maybe I'm dreaming, maybe I'm not) without registry how do we know you're a trusted user? "everyone gets one."
Maybe I'm just whistling in the dark here, but THINK about it for a while. CAN we replace the e-mail system entirely with something better? It's obvious from the configuration nightmare that sendmail has been, from the growing spam problem, forged addresses, forged headers, HTML e-mail that hogs bandwidth in what used to be a text-only medium including web-bugs to identify you to spammers, viruses (remember when it was IMPOSSIBLE to get viruses from e-mail and the whole AOL meme virus thing? and I mean IMPOSSIBLE. Not without actually opening an attachment. simply viewing a text e-mail CANNOT give you a virus.) and trojans that send e-mail from people that aren't really the owners/users of the computer, open relays being exploited, that something has to give. Yes there are other MTA's out there, but it's still the same old e-mail with the same old problems.
Maybe I'm opening pandora's box here, but without doing so, where's my hope for a better system than what we have now ?
I'm *tired* of this crap.
This is the sound of Mail Transport Agents *crashing* in a completely non-computer-related fashion. Not with a bug, but with me finally unzipping my lip and screaming, BY GOD I've Had ENOUGH!
"Hallelujah! Where's the Tylenol?"