use Perl

• I've brought up similar thoughts myself.. (Score:1)

  by WebDragon (1204)

  I'd talked about this earlier in a post to use perl: Pandora Awakens [perl.org].

  Another thought I have had run through what passes for my brain, is that we've certainly spent a whole lot of time tracking down the spammers themselves.. but they are NOT THE HEART OF THE PROBLEM! The heart of the problem is the people and companies paying the spammers .. Anything that actually goes after the companies hiring the spammers in the first place, would make far more sense and I think, be a much more serious deterrant.

  But
  • Re:I've brought up similar thoughts myself.. (Score:2, Insightful)

    by chromatic (983)

    I also agree that the present e-mail system has got to go and preferably be replaced by something far more secure.

    What, specifically, are you going to throw out?

    Much of my job requires being able to receive e-mail from people I don't know yet. A fair chunk of my job means sending e-mail to quite a few people. I want both to be possible with a minimum of fuss!

    Just about every system I've seen proposed seriously has had flaws that would make it much more difficult for people like me to do our jobs.
    • Re:I've brought up similar thoughts myself.. (Score:2)

      by pudge (1) on 2003.09.03 21:51 (#23824) Homepage Journal

      If we do keep email (sigh, I can dream!), my thoughts run along the lines of being strict in how SMTP servers are authorized to speak to other servers, sorta like an SSL certificate. If you want to send email to me, you need to send it through an SMTP server that you are authorized to send through, that is certified to talk to another server, etc.
      
      If your SMTP server is used for spam, its certification will be revoked. You can seek certification elsewhere of course.
      
      This system is similar to what we have now, but more formalized, with a central authority, like with SSL and DNS.
      
      It would not solve the problem outright, but might go a long way toward controlling it.
      
      In addition, I want significant criminal and civil penalties for spammers.
      

      Reply to This

      Parent

      • Re:I've brought up similar thoughts myself.. (Score:2)

        by Dom2 (2981)

        You would be thinking of the recent AMTP [bw.org] proposal? It's flawed, because it doesn't discuss the PKI aspect of using certificates.

        -Dom
        • Re:I've brought up similar thoughts myself.. (Score:2)

          by pudge (1)

          I was thinking of no specific proposal, but yes, something along those lines.
      • Re:I've brought up similar thoughts myself.. (Score:2)

        by Matts (1087)

        Spammers currently use stolen credit cards to buy services. They hijack the computers of innocent victims to send their stuff. They sell illegal goods.
        
        What makes you think they won't extend that to bulk buying certificates? Or hijacking someone else's certificate (as is already happening with some of the smarter open proxy spammers)?
        
        A certificate based email system only hurts the innocent. People like me who run their own SMTP server but can't afford a cert.
        • Re:I've brought up similar thoughts myself.. (Score:2)

          by pudge (1)

          What makes you think they won't extend that to bulk buying certificates?
          
          I see no reason any certificates would need to be "bought" in the first place.
          
          Or hijacking someone else's certificate (as is already happening with some of the smarter open proxy spammers)?
          
          Then those certificates get revoked, and you come up with better methods to prevent such hijacking.
          
          • Re:I've brought up similar thoughts myself.. (Score:2)

            by Dom2 (2981)

            Anybody who thinks that certificate revocation is possible using the current infrastructure should spend a long time reading Peter Gutman's homepage [auckland.ac.nz].

            -Dom