Agreed. I’ve never seen someone so excited to have reinvented TMDA from the 1990’s. Please, tell us more how the Internet will readdress itself to meet your fascinating solution. Can we go back to talking about network engineering now? Sent from my iPhone
On Feb 17, 2019, at 19:21, valdis.kletnieks@vt.edu wrote:
On Mon, 18 Feb 2019 07:33:32 +0530, Viruthagiri Thirumavalavan said:
My name is Viruthagiri Thirumavalavan. I'm the guy who proposed SMTP over TLS on Port 26
Unfortunately, your attempt there didn't demonstrate an in-depth knowledge of the email ecology of the sort needed to *actually* solve the spam problem.
Today I have something to show you.
Long story short.... I solved the email spam problem. Well... Actually I solved it long time back. I'm just ready to disclose it today. Again...
So actually *disclose* it already, rather than whining about how you've been treated.
And there's this telling statement:
[Today's discussion is about whether I solved the spam problem. Not about how I'm gonna distribute the solution]
You apparently don't understand that how the solution gets distributed is a very important part of whether the solution will work.
Bottom line: You hit most of the points in Vernon Schryver's FUSSP list, plus an amazing number of points in John Baez's crackpot index. Not a good way to start.
So because I'm needing some entertainment, I went to go check the Medium post.
"Spammers have no idea what's going on INSIDE the email system. i.e. They have no idea whether their mail gets marked as spam or not."
Oh, you poor, poor uneducated person. Spammers have a *very good* idea of whether it was marked as spam.
"Now, what if your first mail get rejected with an error message like "Unauthorized Sender"? Would you still write your follow-up mail? No, right?"
At which point you totally miss the point - for a spammer, the reasonable thing to do is *send another mail with a different From: value*, in hopes of hitting one that's an "authorized sender".
"So when mails get rejected with an error message, spammers gonna remove your email address from their email list. That's because your email address is a dead end for them."
OK, I'm done here. We obviously have a total lack of understanding of the problem space, and it's very unlikely that an actually correct solution will arise from that.
Also, I'll offer you a totally free piece of technical advice: Those SAD entries in the DNS that you're hoping to use to tie domains together are trivially forgeable.
To save everybody else the effort: As far as I can tell, he's re-invented plus addressing, and says that if everybody creates mailboxes john.smith@example.com for personal mail, and a john.smith+nanog@example.com for nanog mail, and john.smith+my-bank@example.com for his bank emails, spam will apparently give up in defeat
There's a whole bunch more, including assuming that Joe Sixpack *will* create a separate address for each "transactional" piece of mail, that spammers won't send mail that looks like personal mail, that spammers won't create bogus DNS entries, and a few other whoppers...