Comments on: Saving e-mail: It's all about trust
perspective Sendmail inventor Eric Allman says a new Internet standard promises to restore trust to e-mail.
I use sneakemail.com to be able to give different email addresses to various 3rd parties. If my bank sends me email it is received by Sneakemail which marks it with the label I associated with it (that says it's my bank) and then Sneakemail sends it to the email account where I read my mail. Email from my bank is email that claims to be from my bank and marked as such. Email that claims to be from my bank and that is not marked by Sneakemail as such is not from my bank.
In addition I use spamgourmet.com to be able to freely post email addresses that people can use to contact me without risking a lifetime stream of spam to a precious single email address that I cannot replace because too many people have it and I cannot inform them all (such as the address that I have that was published in paper publications in the good old times when everyone on the net could be trusted, or so we thought).
My email provider (fastmail.fm) used to check DKIM for incoming email, but they stopped doing it because they said it was too unreliable (I think because email relaying often changes parts of the headers/body in ways incompatible with DKIM).
It's a pity that we cannot leave our (electronic) front door open, but then, even if our front door is unlocked it doesn't mean anyone can come in and post their magnets on our refrigerator. If someone does it and gets caught it is the custom to lock them up somewhere. There's not enough of this locking up happening.
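The relay problem suspected in the comment above, shown as an added example (not part of any comment on this page): the DKIM body hash under the `simple` and `relaxed` body canonicalizations of RFC 6376, computed for a constructed message before and after relay changes. Function names and sample bodies are assumptions made for illustration; header canonicalization and signature verification are left out.

```python
import base64
import hashlib
import re

def canon_simple(body: bytes) -> bytes:
    """RFC 6376 3.4.3: only trailing empty lines are ignored."""
    if not body.endswith(b"\r\n"):
        body += b"\r\n"              # empty or unterminated body gets one CRLF
    while body.endswith(b"\r\n\r\n"):
        body = body[:-2]
    return body

def canon_relaxed(body: bytes) -> bytes:
    """RFC 6376 3.4.4: also collapse runs of WSP and drop WSP at line ends."""
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ")
             for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)

CANON = {"simple": canon_simple, "relaxed": canon_relaxed}

def body_hash(body: bytes, mode: str) -> str:
    """Value a signer would place in the bh= tag (SHA-256, base64)."""
    return base64.b64encode(hashlib.sha256(CANON[mode](body)).digest()).decode()

def survives(signed: bytes, received: bytes) -> dict:
    """Per canonicalization: does the received body still match the signed hash?"""
    return {m: body_hash(signed, m) == body_hash(received, m) for m in CANON}

# Constructed sample bodies (not taken from the page).
SIGNED = b"Your statement is ready.\r\nLog in  to view it.\r\n"
# A relay that re-spaces text and appends a blank line.
RESPACED = b"Your statement is ready. \r\nLog in to view it.\r\n\r\n"
# A mailing list that appends a footer.
FOOTER = SIGNED + b"-- \r\nsent via example-list\r\n"

if __name__ == "__main__":
    print("re-spaced:", survives(SIGNED, RESPACED))
    print("footer:   ", survives(SIGNED, FOOTER))
```

Whitespace changes are tolerated only under `relaxed`; appended content changes the body hash under both.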
I've mostly switched to using unique and disposable addresses
within my own registered domains instead of relying on a third-
party service. Monitoring those addresses can be revealing and
sometimes puzzling. I'm convinced addresses are vulnerable to
different methods of nefarious discovery if they're unencrypted
at all during their existence/usage, which is difficult to avoid. I
have plenty of examples of "obfuscated" addresses (i.e. harder
to randomly guess/attack) only used for trusted and supposedly
private correspondence (or even never used at all) showing up in
spam logs. How such addresses were actually "leaked" has
remained an unsolvable mystery and usually the only ways that
seem possible are rather disturbing.
Let's say you create a new comcast or verizon or hotmail or aol email account or some new email address from your company.
Spammers will always find a way. betsysmith@aol or bs1@aol.com or bs2@aol.com: they use acronyms and other various methods to bypass sneak mail. It's the same with websites. You can't keep a webserver secret, as the moment I created a new webserver that wasn't 2 minutes old GOOGLE spidered it without me asking it to. Using a proxy will never work and is not fully secure.
Like the author I'm snowed under by trash mail, but only a small
portion of my legit mail is likely to qualify for the scheme he
describes. It probably won't do much to prevent my having to
scan through the junk mail folder to find the improperly filtered
messages I want to read. For goodness sakes, even messages I
send to myself are filtered out as junk!
The answer, I think, is email clearing houses that charge a
nominal sum to senders. By nominal I mean a penny or two per
message. This is a trivial charge to users who are not sending
bulk emails, but it would constitute a major, perhaps
insurmountable barrier, to junk mailers. The small charge to
non-commercial mailers -- people like me -- is easily offset by
the saving of time wasted tracking down valid messages, and
money spent on software schemes to defeat spammers. Not to
mention the cost of corrupted and disrupted computers and
criminal scams.
The security approach and the pay-for-mailing approach are
complementary. Perhaps, for instance, bulk mailers (like banks)
that have been vetted could receive a substantial discount for
bulk mailings.
The only way to beat the spammers is to make it too costly for
them to send their garbage. Their current costs approach zero.
It is very likely that the typical individual user sends fewer than
1000 emails a year, so his annual cost would be, at most $10. Is
that not a small price to pay to drastically reduce the annoyance
of spam? As I said, it also would reduce the substantial ancillary
costs of vandalism and other criminality associated with spam.
Make it too expensive for spammers to distribute their
garbage.
cracked it. Then they will be able to send Spam with
authenticators that make it seem legitimate. Nothing like this
ever works. As long as there is money to be made in defeating
or circumventing security, it will be done. Given the time and
computing power spammers have at their disposal, literally,
nothing is safe.
The best example of this is DKIM, itself. All other security
systems that passively work to prevent spam, have failed, so we
had to come up with DKIM. DKIM will fail, sooner rather than
later.
Running all email through one server would be suicide. If there
is one bottleneck through which all email must pass, the
controller of that one bottleneck is being given carte blanche to
censor whatever they want to censor. The government can say
we don't want any emails that make fun of Cheney's declaration
that he's not part of the executive branch of the government to
go through. They threaten the owners of the bottleneck, sue
them or whatever and no more discussions of Cheney's
delusions.
This would be much worse if the government controlled the
bottleneck. When someone shows up from the government and
says, "I'm here to help," THEY'RE LYING.
Taxes are similarly a bad idea. Who ever heard of a tax going
down or going away? Today USPS costs 41 cents for a 1st class
letter, it used to cost 5 cents. Anyone think it would be different
for the email taxes?
Who holds these bozos who control the bottleneck accountable?
Is it a publicly held corporation - it's only accountable to its
stockholders. Is it a private company/corporation? It's only
accountable to its owners. Is it the government? These days
they seem to be accountable to no one but their own delusional
selves...
Leave the system alone. Anyone who hasn't heard that any email
that asks for personal information is bogus and should be
ignored is either living in a cave or not paying very much
attention. Even Mozilla's Thunderbird email client can tell you if
you are being sent to a web address other than the one listed in
the email. Pay attention! Protect yourself, don't rely on someone
else to do it.
- Has to be a government mandate.
- by stlwest July 5, 2007 12:45 PM PDT
- Even real mail has no authentication guarantee, so yes, users should follow the rule that if it has to do with money or your identity, make sure you are the one who initiates contact, and don't call the 800# in the email, dummy. Phone calls at least have caller ID, which I must say seems to work really well, especially if you also don't list your number and then have call blocker.
Without a mandate like the Analog TV to Digital TV mandate by some government authority it won't ever happen.
I think third party SSL certs could be more useful than self signing since there is a cost involved. Requiring something like an mxsend DNS entry might be beneficial also, since there isn't currently any way to know what server will be sending email for xyz.com domain. When the people you work for say a customer of mine is getting blocked, admins end up having to whitelist people who haven't set up their stuff correctly or companies that may be spamming away all day long.
I'll keep my fingers crossed but won't hold my breath. Now how about blocking all the circulars sent to my real mailbox? USPS has no vested interest in offering that service.