Internet and e-mail policy and practice
including Notes on Internet E-mail


2008
Months
Jul

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed


Home :: Email


30 Jul 2008

Why we'll never replace SMTP Email

An acquaintance asked whether there's been any progress in the oft-rumored project to come up with a more secure replacement for SMTP. Answer: no

Truly, spam isn't a technical problem, it's a social one. If we could figure out some way to make mail recipient networks and hosts willing to shun known bad actors, even at the cost of losing some real mail for a while until the bad actors cave, it would make vastly more difference than any possible technical changes. No matter how super secure an improved protocol is, if a mail system operator lets people send spam through it, the recipients still have to decide how they're going to deal with the sender's behavior.

The reason that e-mail is uniquely useful is that you can exchange mail with people you don't already know. The reason that spam exists is that you can exchange mail with people you don't already know.


posted at: 05:54 :: permanent link to this entry :: 5 comments
posted at: 05:54 ::
permanent link to this entry :: 5 comments

comments...        (Jump to the end to add your own comment)


"The reason that e-mail is uniquely useful is that you can exchange mail with people you don't already know. The reason that spam exists is that you can exchange mail with people you don't already know."

Well said. Flips sides of the same coin.

(by Terry Zink 30 Jul 2008 12:55)



That reminds me of something I've said about the web for years: The best thing about the web is that anyone can publish. The worst thing about the web is that anyone can publish.

(by Kelson 02 Aug 2008 02:40)


an acquaintance responds
i read this several times before i realized what about it left me unsatisfied. you say:

"If we could figure out some way to make mail recipient networks and hosts willing to shun known bad actors, even at the cost of losing some real mail for a while until the bad actors cave..."

what, if we could arrange that, would prevent those bad actors from simply starting up again once that communal pressure is lifted? or would we be required to shun those bad actors, and sacrifice that percentage of good mail, forever?

i'm not technically competent to discuss the feasibility of a useful replacement for SMTP, but while i agree that the problem of spam can be viewed as being rooted in "human nature," and is therefore a social one, i don't believe that there exists a social (or sociological) solution. a mail protocol built with the assumption that some humans are crooked, though (instead of SMTP, which is built on the assumption that all humans are basically decent and understand what Postel meant by "conservative,") would at least, hopefully, provide more robust mechanisms with which to detect and neuter the crookedness.

(by adam brower 08 Aug 2008 00:44)


Internet user
SMTP is now so broken by overactive spam filters that it's a hit or miss situation whether any email will reach its recipient. These days about 50% of my e-mails never get to the people I send them to. How much worse is it going to get before e-mail becomes completely useless and it's generally agreed to implement a new secure protocol first in parallel with the existing one, then replacing it? I think many of us will not live that long, at the present rate of non-progress.

(by Bob 05 Jun 2009 03:56)



Hi John, I caught your oblique Facebook advertisement for this blog.

The idea that seems most sensible to me requires technology but it's social:

I set a price. Strangers must put up this much to send me an introductory email. If I like them, I refund the money; if not, I keep it.

"The reason that e-mail is uniquely useful is that you can exchange mail with people you don't already know." The fact that this involves no risk for the initiator, and no compensation for the recipient, isn't a useful thing, it was just easier to set up that way in 1980.

(by Steve Witham 04 Jul 2009 01:54)


Add your comment...

Note: all comments require an email address to send a confirmation to verify that it was posted by a person and not a spambot. The comment won't be visible until you click the link in the confirmation. Unless you check the box below, which almost nobody does, your email won't be displayed, and I won't use it for other purposes.

 
Name:
Email: you@wherever (required, for confirmation)
Title: (optional)
Comments:
Show my Email address
Save my Name and Email for next time

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing
143 days ago

A keen grasp of the obvious
My high security debit card
806 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2020 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.