If you liked this post, you may also be interested in...
- German Court Orders Encrypted Email Service Tutanota To Backdoor One Account
- Suspected DNC & German Parliament Hacker Used His Name As His Email Password
- Jared Kushner's Coronavirus Task Force Is Using Private Email Accounts To Conduct Official Business
- No, Google Isn't Hiding Elizabeth Warren's Emails To Promote Mayor Pete
- Caifornia Governor Vetoes Law That Would Have Mandated Retention Of State Government Emails
Reader Comments
Subscribe: RSS
View by: Time | Thread
uh, hate to be the cynic here ... but
This act is nothing more than a "how-to" guide for the slimeballs at the Direct Marketing Association which guides them in "best practices" for ensuring they can't be sued by companies forced to spend thousands of dollars and man-hours stopping the theft of hard disk space and bandwidth, not to mention employee productivity.
Laws passed by any nation have no effect on the Internet anyway; laws "outlawing" spam in the United States have no effect in other countries.
The only way SPAM will ever be reduced is for the blacklist community to blackhole entire ISPs once it has been proven that they are friendly toward spammers.
Once that occurs, the price an ISP pays for not monitoring the use of its resources by its customers and enforcing its terms of service will guarantee spammers have no homes from which to operate.
[ link to this | view in thread ]
I have an idea...
What if we used a simple keyword system, where, in addition to your email address you would hand out a random sequence of characters as a passkey. This passkey would be embedded into a header field in the email. You could have as many of these passkeys as you like. Coworkers could have one, friends and family could have another. You could generate new ones for each mailing list you were on. If an email arrives without a passkey, you could safely ignore it. If a passkey is sniffed or leaked, you could change it without changing your email address.
For unsolicited emails, your web server could have a simple request system, either as a web-form or as a system like mailer daemons, wherein you could send it a request and it would email you back a one-off passkey for me. After that one email is sent, we would accept no new emails from that passkey.
This way I could still cold-email someone (by sending a request to them or their server,) and getting permission to email them, but everyone else I wanted could be preapproved.
I haven't spent much thought on this idea, so I haven't spotted all of the possible holes in it, but here are the advantages and disadvantages I see:
Advantages:
1) Minimal network and processor overhead.
No significant change in CPU usage as we are just checking a passkey. The only increase in network overhead would be on requests for one-off passkeys, but I think this would be more or less minimal.
2) Doesn't require implementation at an ISP level. This scheme could be handled entirely in the client, although ISP level implementation would probably make things a bit faster and easier.
I haven't heard of a suggestion like this yet, but if anyone is interested, I make this idea public domain, and promise not to patent it or sue anybody :)
[ link to this | view in thread ]