Re: RFC: Email 2.0: Segmail

You Personally advocate a

(x) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won
+'t work. (One or more of the following may apply to your particular i
+dea, and it may have other flaws which used to vary from state to sta
+te before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(x) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
(x) It is defenseless against brute force attacks
(x) It will stop spam for two weeks and then we'll be stuck with it
(x) Users of email will not put up with it
(x) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
(x) Many email users cannot afford to lose business or alienate potent
+ial employers
(x) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
(x) Ease of searching tiny alphanumeric address space of all email add
+resses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
(x) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
(x) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spamm
+ers
(x) Extreme stupidity on the part of people who do business with Micro
+soft
(x) Extreme stupidity on the part of people who do business with Yahoo
( ) Dishonesty on the part of spammers themselves
(x) Bandwidth costs that are unaffected by client filtering
(x) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have eve
+r been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
(x) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
(x) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
(x) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a fascist for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn y
+our house down!
[download]

<-radiant.matrix->
Larry Wall is Yoda: there is no try{} (ok, except in Perl6; way to ruin a joke, Larry! ;P)
The Code that can be seen is not the true Code
"In any sufficiently large group of people, most are idiots" - Kaa's Law

Comment on Re: RFC: Email 2.0: Segmail Download Code

Replies are listed 'Best First'.
Re^2: RFC: Email 2.0: Segmail by tomazos (Deacon) on Sep 28, 2005 at 19:28 UTC
Thanks for your comments radiantmatrix. (1) Segmail doesn't require wide-spread adoption in order to be effective. (2) Further, depending on how you use email, it may not be the right solution for you (compare the advantages versus the disadvantages) - and that is okay because see point 1. Mailing lists and other legitimate email uses would be affected A mailing list is just another correspondant. You supply your email address, they send you mail at that address, it goes through as normal. I am unclear how they would be affected. It is defenseless against brute force attacks The fact that the email address contains an eight character random password means that they are defended against dictionary attacks. Certainly better defended than a non-segmail address is. Define a brute force attack. It will stop spam for two weeks and then we'll be stuck with it Stuck with what? The system or more spam? If one address is compramised it can be rotated without effecting the rest of your correspondants. Users of email will not put up with it Not all users of email are required to put up with it. It works whether or not everybody uses it. For the correspondants of a Segmail user, it is simply a normal address change. What's to put up with? Many email users cannot afford to lose business or alienate potential employers Once again, it is simply a one-time address change. I don't see how it effects them. Spammers don't care about invalid addresses in their lists Therefore what? This statement is irrelevant. Ease of searching tiny alphanumeric address space of all email addresses This is a stated disadvantage - and for some users of email, may be worth the tradeoff. Why should we have to trust you and your servers? You don't. Run it on your own server. It is a decentralized solution requiring no centralized authority in order for it to work. Temporary/one-time email addresses are cumbersome This is a stated disadvantage - and for some users of email, may be worth the tradeoff. -Andrew. Andrew Tomazos \| andrew@tomazos.com \| www.tomazos.com	[reply]

Replies are listed 'Best First'.

Re^2: RFC: Email 2.0: Segmail
by tomazos (Deacon) on Sep 28, 2005 at 19:28 UTC

(1) Segmail doesn't require wide-spread adoption in order to be effective.

(2) Further, depending on how you use email, it may not be the right solution for you (compare the advantages versus the disadvantages) - and that is okay because see point 1.

Mailing lists and other legitimate email uses would be affected

A mailing list is just another correspondant. You supply your email address, they send you mail at that address, it goes through as normal. I am unclear how they would be affected.

It is defenseless against brute force attacks

The fact that the email address contains an eight character random password means that they are defended against dictionary attacks. Certainly better defended than a non-segmail address is. Define a brute force attack.

It will stop spam for two weeks and then we'll be stuck with it

Stuck with what? The system or more spam? If one address is compramised it can be rotated without effecting the rest of your correspondants.

Users of email will not put up with it

Not all users of email are required to put up with it. It works whether or not everybody uses it. For the correspondants of a Segmail user, it is simply a normal address change. What's to put up with?

Many email users cannot afford to lose business or alienate potential employers

Once again, it is simply a one-time address change. I don't see how it effects them.

Spammers don't care about invalid addresses in their lists

Therefore what? This statement is irrelevant.

Ease of searching tiny alphanumeric address space of all email addresses

This is a stated disadvantage - and for some users of email, may be worth the tradeoff.

Why should we have to trust you and your servers?

You don't. Run it on your own server. It is a decentralized solution requiring no centralized authority in order for it to work.

Temporary/one-time email addresses are cumbersome

This is a stated disadvantage - and for some users of email, may be worth the tradeoff.

-Andrew.

Andrew Tomazos | andrew@tomazos.com | www.tomazos.com

[reply]