|
Urb, the problem that exists with mail (as it is right now) is that the protocol for sending mail from one server to another isn't secure in the slightest.
The sending server calls your server, can tell it that it is ANYONE, and dump as much mail as it can on that server in one shot. Nothing is done to confirm the identity of the sender, or the IP, or the location (except to require a header with this info in it, which isn't checked). Sort of the like the old airport quesiton "did you pack your own bag? Did anyone give you somehting to carry on?"... what, do you think the terrorists are going to say YES? Just like do you expect the spammers to say yes?
protocol should be Sender contacts you server, says I am at this IP, contact me for mail. Then the receive "calls back" to get the info. Right away, alot of spam would disappear because it would be much harder to fake where spam is coming from.
That should be applied all the way along the chain. It would be "slower" to mail, in theory, but in reality, if you got rid of 25% of the spam on the net, it would be faster for everyone.
Until something like that happens, we will see a boat load of spam every day.
Alex
|