[eweek article] Window of "anonymity" when domain exists, whois not updated yet

Michael.Dillon at radianz.com Michael.Dillon at radianz.com
Wed Jan 12 11:23:42 UTC 2005

=> seriously, there have been various proposals ([ADV],
> etc) to facilitate "legit UCE," but that hasn't slowed
> the arms race.  How would you recommend that we make
> it easier for legit businesses?

I don't propose that we make it easier for legit UCE.
I'm simply pointing out that it's an arms race because
we are solving the wrong problem. We are making it hard 
for people to send spam, therefore we are reaching the
point where only criminals do so. 

I would rather see us focus on securing the email 
architecture. Secure submission is part of that, but
for some reason people are unwilling to imagine an email
system in which an ISP will only accept incoming messages
from another ISP with which they have an existing
agreement, i.e. rather like email peering.

I happen to believe that a web of email peering
agreements is the best way to get us to the point
where it is difficult for anyone to anonymously 
send email because they *MUST* relay it through
an ISP who will not accept the email for relay
unless they have authenticated the user.

This is solving a different problem. Spam is merely
a symptom of an overly simplistic and insecure
email architecture. Now that it has drawn our
attention to the problem, I think we should
ignore spam and focus on making a better email
architecture that people can actually use again.

--Michael Dillon

More information about the NANOG mailing list