long lived span-free e-mail addresses (was RE: [LINK] Govt strugg
ling with spam: Alston)
Bob.Smart at csiro.au
Sat Nov 30 03:05:23 EST 2002
> Do you keep your .vic.au address once you move
> to QLD?
Sure. The WHOLE point is to create e-mail addresses
that never change.
> Do you need an address for each of the states
> you have lived in?
One name is enough. Its only a name. If you want a
name that says something about you then you need
your own domain name. I picked vic because I figure
our current federal governement would never introduce
any sort of new government service.
> 2. Victoria has around 4.5 million people
26**5 > 11 million.
> How much would it cost to put an intervening mail
> service between these users that would supply the
> level of service expected?
It need not have any mail storage. When an incoming
mail comes in it can connect to the real destination
and just pass the body of the message through, only
giving the final "message received" response when the
ultimate destination has done so. So it is just compute
plus bandwidth plus database.
> How would you manage the adds, deletes, changes
> (if self-service, add the word "securely" in there
Changes can be done at the post office (with 100 points
of id) and the initial setup has to be. This costs a
little money unless you have a pension/health/etc card.
You also get a password that allows self-service if you
don't lose it.
> If it's not universal
The aim is to provide a long lived spam-free e-mail
address as an option. No compulsion here.
> Why would we create a single place where a government
> can watch our mail go by?
It is implicit in this scheme that you have a secret
e-mail address that changes from time to time. Presumably
people with confidential information will use that, or
one of the various e-mail encryption systems available.
In terms of watching your mundane mail to track your
interests: I think commercial e-mail services are more
likely to do that.
> Why would we create a single place that could be
> attacked to kill email?
A single address doesn't have to be a single point of
failure and e-mail particularly is set up to avoid that,
allowing multiple top priority MX records in the DNS.
> What is the VALUE such a service would provide?
This and other things that the government could do to
make the Internet work better are a great way to make
high tech industry work better in that area. Are my
ancient socialist tendencies showing?
A long term e-mail address is only useful when combined
with a spam-free system. Here's how it works:
Users supply a list of e-mail addresses allowed to send
to them. Destinations of outgoing mail are (normally?)
automatically added (requires users e-mail to be
configured to pass through the service). Users can
modify this through a web interface (see password above).
If other addresses try to send to the user then they
get rejected and the bounce invites them to go to a
web page to obtain authorization to send to that user.
That web page will indicate what sort of mail that user
is willing to accept. What hoops the sender then has to
go through to get permission to send to the address will
be configurable. I have a few interesting ideas and you
can probably think of others. Just making the sender
click a box indicating the intention to comply with the
recipients requests will probably work pretty well. If
we want to avoid fake 'From:' addresses then we can send
a password to the sender's e-mail address which is a
significant increase in the inconvenience, but can still
be automated by the determined spammers. Beyond that I
have some ideas which impose unavoidable costs on the
spammer but not on the honest sender.
More information about the Link