On Sun, Feb 17, 2019 at 9:23 PM <valdis.kletnieks@vt.edu> wrote:

> [Today's discussion is about whether I solved the spam problem. Not about how
> I'm gonna distribute the solution]

You apparently don't understand that how the solution gets distributed is a
very important part of whether the solution will work.

If only everyone would change everything about how they do everything overnight, pay me/my company, and trust me/my company as a central authority... well, we'd have no problems, *I guarantee it!*  

I tried whole-assedly skimming the first two dozen pages of his pdf doc and switched to half-assedly for the latter several hundred pages.  My take-away is that he has a company called dombox/teleport, and if we pay him to authorize us as not being spammers, then we're not spammers.  But instead of simply that, also every system and the way everyone uses email, including trusting him as a primary point of authority, has to change before it works.  Page 121 states that every website on the entire internet will need to implement his buttons.  

There's also some rather onerous sounding stuff around page 115 where he states that users won't be able to delete their email accounts, or the contents thereof.  So I'm pretty sure this system is entirely in violation of European law.  


> "Now, what if your first mail get rejected with an error message like "Unauthorized Sender"?
> Would you still write your follow-up mail? No, right?"

At which point you totally miss the point - for a spammer, the reasonable thing to do
is *send another mail with a different From: value*, in hopes of hitting one that's
an "authorized sender".

Further, most recipients can't be burdened with having to authorize every potential sender.  Systems implementing that logic have been implemented in various and sundry places, and never for very long.  

To save everybody else the effort:  As far as I can tell, he's re-invented plus
addressing, and says that if everybody creates mailboxes john.smith@example.com
for personal mail, and a john.smith+nanog@example.com for nanog mail, and
john.smith+my-bank@example.com for his bank emails, spam will apparently give
up in defeat

I'm pretty sure there was something in there about paying him to act as a central authority too, you've gotta half-assedly skim another hundred pages to get to it, though.  

Take care,
Matt