I fully expect to see specialized email peering providers arise who will have SMTP peering arrangements with the large email site like AOL, Yahoo, Hotmail etc. and who then arrange peering with large numbers of smaller sites who either cannot find SMTP peering locally or who want to be assured of alternate SMTP routes in the event their main peer cannot reach all destinations.
But can you ro someone who shares this idea please explain to me how this model accounts for compromised hosts sending their spam through the default MTA or using the default MTA setting son the host?
In some cases, the user's ISP will block port 25 thus blocking this email. In some cases, the user's ISP will do nothing but the recipient ISP will not recognize the sender as an SMTP peer and will deny port 25 connections. In some cases, the user's ISP will use authenticated port 587 local mail relay as the only possible outbound route and this SPAM will enter the mail system at that point. Then the ISP may implement rate limiting to prevent more than 10 messages a day outbound or the ISP may have SPAM detection on their relay or the ISP may do nothing. If the ISP has SPAM detection on the relay they can do additional things such as portscan the user and/or shut down all IP connectivity because they have a contractual relationship. If the ISP does nothing then their peers or the recipient ISP can track the email back through the peer-to-peer path and contact the sender's ISP to resolve the issue. So, to summarize, the local ISP has more tools to use in detecting and stopping compromised hosts and everyone else has a reasonable certainty of the origin of the email which they can use to get satisfaction.
After all of this trouble to get such a system in place, it's going to take the spammers 1/100th of the effort the operation community has put in to thwart the system.
I think you are wrong on this one. I don't doubt that spammers will attempt to subvert the new architecture and I don't doubt that technical exploits will be found. But I am confident that the costs to the spammer will rise and the volume of spam delivered will decrease. In combination this will mean that spam is no longer a viable business model even for the criminal gangs that are currently using it. Once word gets around, they will stop trying. Like Alex Bligh said, fixing the email architecture involves a number of interrelated actions. No single action by itself is a magic bullet but by integrating several of them we can build a more robust framework. And I don't like to think of this as "stopping spam". It's really about fixing the Internet's email architecture so we don't have to go back to postal mail and faxes. I want the glory days of 1994 back again when 99% of my incoming email was relevant to me and the spam was humorous stuff like Rev. Kris Korda and the Church of Euthanasia. Michael Dillon