On Wed, 29 Oct 1997, Brian Moore wrote:
This isn't rocket science. As long as the web site is there what stops them from spamming? What stops them from getting a disposable dialup and spamming from that?
Hint: authenticated email doesn't unless you white-list mail.
If you can positively identify the individual, you can say you don't want to accept mail from that person, regardless of where the account is. If the system I described were in place, you could decide to accept mail based on criteria that the certifying authority places on those whose certificates it signed, and you would never have to know the individuals or their ISPs ahead of time. For example, you could say you only wanted to accept mail from either people you specifically wanted (your white list), or from any unknown people that were certified by having a notarized copy of their driver's license (or whatever), which would then allow you to specifically exclude particular people you didn't want to receive mail from. In an ideal world we wouldn't have to worry about this, we could just all be open and friendly and accept mail from whoever. However, it is no longer that way on the Internet and will never be again. I agree that implementing a scheme digitally signing mail is a vast undertaking that would never be entirely complete. However, I see no alternative in the long run. Your suggestion will always require a large amount of manual effort and you will always be playing catchup with the spammers. Using schemes such as Vixie's blacklist is difficult for an ISP as it presupposes what individual customers will want -- some of them certainly do not want to lose connectivity to a portion of the Internet, even if it means exposing them to spam. After all, we can all certainly be free of spam by simply unplugging the wire, but the cost is obviously too high. John Tamplin Traveller Information Services jat@Traveller.COM 2104 West Ferry Way 205/883-4233x7007 Huntsville, AL 35801