Mailing list home
  Find posts   Help

Latest messageRecent messages

Other threads:
 Prev: View Bug with Event port?
 Next: lister

 Random thread

Indexes:
 By topic
 By date
 By author
 By subject
Join the Mailing List....
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
20-Apr 5:37 UTC
[0.091] 24.092k
Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

MS, non-MS, and "email" as we know it

 [1/6] from: REBOLlist2:juicybits at: 11-Jul-2003 18:59


Email as we know it will evolve, but will it really be called something else? What will it be called? I think it depends on what app(s) get the critical mass. Maybe it will just be called spam-free email? A lot of people will automatically reject a Microsoft solution, and will even deny it after it has achieved critical mass and major market share. Am I the only one here who thinks their 2003 Outlook is going to be a major spam killer? What could be more secure than to only accept email from senders who are in your contact database? For me, adding someone (or the From address of a mailing list) to my contact db will be a small price to pay, to *completely* eliminate spam. The only major question left might be, what will be the easiest ways to add new, friendly and business contacts to our contact database. At worst, it might require a web-based authentication system, eg a human sender might have to enter a machine-non-readable password in order to get into your contact db, the first time around. Instead of giving someone your email address, you could give them an url where they can authenticate themselves, and/or maybe the web server will forward an authenticated email to you so you can quickly add the the sender's address to your contact db. I can think of other ways to authenticate new senders, but it's not so important that a standard exists at this level. (Eg, even without a web server, all your email app would have to do would be to automatically respond to non-authorized senders with a "please authenticate yourself with this human-only readable password".) Black lists or filters won't even be necessary, in a completely white-list (plus first-time authentication) system. Meanwhile, even for people who will never use MS software, or who have their own business agenda reason why they automatically reject them, it seems to me like MS's solution will still become the first, viable standard, and needs to be paid attention to. Show me how I'm wrong about this. I am *not* pro-MS. However, for those of us (esp myself) who have been thinking about other solutions, we still won't be able to deny MS their huge power any time in the near future. I think now is the time to be the first ones to jump on the first viable anti-spam bandwagon... or be left behind. Yes, a major evolution in email authentication and delivery *is* imminent. --Ken. ____________________________ ____________________________ Ah, you hate Microsoft too! So comrade, ven do vee plan to defect?

 [2/6] from: joel:neely:fedex at: 12-Jul-2003 8:22


Hi, Ken, Just thinking out loud... (and there *is* REBOL relevance further down! ;-) Ken Cadby wrote:
> A lot of people will automatically reject a Microsoft solution, > and will even deny it after it has achieved critical mass and > major market share. >
This list is the *last* place I'd ever have expected to hear market share cited as a measure of fitness. (Have you turned on a television lately? ;-)
> Am I the only one here who thinks their 2003 Outlook is going > to be a major spam killer? What could be more secure than to > only accept email from senders who are in your contact database? > For me, adding someone (or the From address of a mailing list) > to my contact db will be a small price to pay, to *completely* > eliminate spam. >
What do those questions have to do with Outlook? There are already products available for whitelisting and other forms of spam control. The fact that Microsoft (again) may copy features invented elsewhere doesn't lead me to conclude that my problems will go away. (After all, the fact that they -- belatedly -- entered the browser market and then used their monopoly position to interfere with that market hasn't prevented pop-up ads, pop-under ads, nor browser-based holes in security!) In almost no time Google pointed me to http://tmda.net/
> TMDA is an OSI certified software application designed to > significantly reduce the amount of SPAM/UCE (junk-mail) > you receive.
(Unix server based) http://au2.spamassassin.org/index.html (a cross-platform tool, written in Perl) At the client side, Mac OS/X Mail contains Bayesian spam detection which can be trained/tuned for the user's preferences. Netscape 7.1 has similar features. However, the real solution is server side, so that I don't waste the connect time or cpu cycles on my desk/lap dealing with the garbage. The company where I work implements spam detection/routing centrally, with the digital sewage routed to separate storage. I suspect that service providers who would offer similar capabilities would find a ready audience.
> The only major question left might be... >
You outlined an approach for contact origination that seems quite reasonable (especially if implemented server-side), and is also clearly implementable in REBOL. Such an implementation has the added virtue of being platform-neutral. This could be developed either as a mail client, a server-side tool, or packaged as a service-by-subscription.
> ... > Show me how I'm wrong about this. I am *not* pro-MS. However, for
<<quoted lines omitted: 3>>
> ones to jump on the first viable anti-spam bandwagon... > or be left behind.
Re "other solutions", have you looked at Jabber? Having been involved in computing for my entire career (beginning with my first programming course in 1968), I have absolutely *no* faith that big, entrenched corporations will save the world. In fact, history (within my career) tells me that sooner or later they begin to believe their own PR, think of themselves as the center-of-the-world/source-of-all-good-bits and get blindsided by a great idea from the little guys. (Do you think REBOL is a good idea? 'nuff said) Burroughs, DEC, and Data General all had great ideas, and made significant contributions to the development of computing (both academically and in the marketplace), but missed the significance of the high cost of totally proprietary platforms. IBM totally missed the desktop/distributed computing paradigm shift. Microsoft ignored networking until Novell proved its viability for the business market. Microsoft (in the person of Bill Gates) made public remarks disparaging the significance of the Internet. In the last two cases, Microsoft was able to use market position and financial resources to turn the ship around. At some point there will come an idea that is sufficiently (and likely culturally) different that The Computing Establishment won't recognize (or embrace-and-extend) it quickly enough. (At that point most big companies turn to the lawyers and/or the checkbook...) We (the human race, collectively) don't yet understand the role or value of high-bandwidth, ultra-low-cost communication. As usual, the abusers of their fellow-men are quick to jump on a new concept when they think they can turn it to their profit/ad/vantage, but that's only temporary. Consider the abuse of the telephone (and telephone owners) by the junk-phone-call industry. A range of interesting responses have occurred, from unlisted numbers to caller ID, to state- and US- wide "do not call" lists. [Perhaps some of our international list participants can educate me on whether the problem is as bad in the world at large, and what's being done on the larger scale.] I think it's too early to declare anything as a final solution given the tremendous creativity unleashed on (and by) the 'Net. (And I, speaking strictly for myself, don't want to invite an 800-pound gorilla with a fly-swatter to take up residence in my house just because someone left the back door open and a few mosquitoes slipped in... ;-) Thanks for the stimulating post, and for listening! -jn-

 [3/6] from: joel:neely:fedex at: 12-Jul-2003 8:23


[I apologize if this is a duplicate. On my first attempt to send it, my mail server glitched -- ironically enough! ;-] Hi, Ken, Just thinking out loud... (and there *is* REBOL relevance further down! ;-) Ken Cadby wrote:
> A lot of people will automatically reject a Microsoft solution, > and will even deny it after it has achieved critical mass and > major market share. >
This list is the *last* place I'd ever have expected to hear market share cited as a measure of fitness. (Have you turned on a television lately? ;-)
> Am I the only one here who thinks their 2003 Outlook is going > to be a major spam killer? What could be more secure than to > only accept email from senders who are in your contact database? > For me, adding someone (or the From address of a mailing list) > to my contact db will be a small price to pay, to *completely* > eliminate spam. >
What do those questions have to do with Outlook? There are already products available for whitelisting and other forms of spam control. The fact that Microsoft (again) may copy features invented elsewhere doesn't lead me to conclude that my problems will go away. (After all, the fact that they -- belatedly -- entered the browser market and then used their monopoly position to interfere with that market hasn't prevented pop-up ads, pop-under ads, nor browser-based holes in security!) In almost no time Google pointed me to http://tmda.net/
> TMDA is an OSI certified software application designed to > significantly reduce the amount of SPAM/UCE (junk-mail) > you receive.
(Unix server based) http://au2.spamassassin.org/index.html (a cross-platform tool, written in Perl) At the client side, Mac OS/X Mail contains Bayesian spam detection which can be trained/tuned for the user's preferences. Netscape 7.1 has similar features. However, the real solution is server side, so that I don't waste the connect time or cpu cycles on my desk/lap dealing with the garbage. The company where I work implements spam detection/routing centrally, with the digital sewage routed to separate storage. I suspect that service providers who would offer similar capabilities would find a ready audience.
> The only major question left might be... >
You outlined an approach for contact origination that seems quite reasonable (especially if implemented server-side), and is also clearly implementable in REBOL. Such an implementation has the added virtue of being platform-neutral. This could be developed either as a mail client, a server-side tool, or packaged as a service-by-subscription.
> ... > Show me how I'm wrong about this. I am *not* pro-MS. However, for
<<quoted lines omitted: 3>>
> ones to jump on the first viable anti-spam bandwagon... > or be left behind.
Re "other solutions", have you looked at Jabber? Having been involved in computing for my entire career (beginning with my first programming course in 1968), I have absolutely *no* faith that big, entrenched corporations will save the world. In fact, history (within my career) tells me that sooner or later they begin to believe their own PR, think of themselves as the center-of-the-world/source-of-all-good-bits and get blindsided by a great idea from the little guys. (Do you think REBOL is a good idea? 'nuff said) Burroughs, DEC, and Data General all had great ideas, and made significant contributions to the development of computing (both academically and in the marketplace), but missed the significance of the high cost of totally proprietary platforms. IBM totally missed the desktop/distributed computing paradigm shift. Microsoft ignored networking until Novell proved its viability for the business market. Microsoft (in the person of Bill Gates) made public remarks disparaging the significance of the Internet. In the last two cases, Microsoft was able to use market position and financial resources to turn the ship around. At some point there will come an idea that is sufficiently (and likely culturally) different that The Computing Establishment won't recognize (or embrace-and-extend) it quickly enough. (At that point most big companies turn to the lawyers and/or the checkbook...) We (the human race, collectively) don't yet understand the role or value of high-bandwidth, ultra-low-cost communication. As usual, the abusers of their fellow-men are quick to jump on a new concept when they think they can turn it to their profit/ad/vantage, but that's only temporary. Consider the abuse of the telephone (and telephone owners) by the junk-phone-call industry. A range of interesting responses have occurred, from unlisted numbers to caller ID, to state- and US- wide "do not call" lists. [Perhaps some of our international list participants can educate me on whether the problem is as bad in the world at large, and what's being done on the larger scale.] I think it's too early to declare anything as a final solution given the tremendous creativity unleashed on (and by) the 'Net. (And I, speaking strictly for myself, don't want to invite an 800-pound gorilla with a fly-swatter to take up residence in my house just because someone left the back door open and a few mosquitoes slipped in... ;-) Thanks for the stimulating post, and for listening! -jn-

 [4/6] from: pwoodward::cncdsl::com at: 12-Jul-2003 9:22


Ken - I see several problems with the "Accept mail from known contacts only" approach. It's easy enough to implement in just about every version of Outlook and Outlook Express since Office 97. Just create a filter that moves all emails to your deleted folder if the senders email address is _not_ in a list. However this still ignores web sites that use email verification, or send sales reciepts. There's just about no way to know what email address those messages will be coming from. So, with MS's default approach coming up in Outlook2003, this may create some problems. It's similar to the "Response required to send" approach being used by ISPs like Earthlink. For instance if you were an Earthlink subscriber, when my email to you hits their email server, that automatically triggers an email back to me, containing a clickable URL. I _must_ click the link in order for the email to end up in your in-box. However, what if I am a machine? I'm the US-Airways web server, sending you the reciept and itinerary for the tickets you just bought. I will hardly be clicking the URL - and you'll get no verification that your purchase was successful. I think things like the "known contacts only" approach will work fine for intra-office email. There's usually a known list of employees to draw upon (a directory like LDAP or Active Server). But it starts to run into problems with inter-office approaches (Lotus Notes allowed for cross certification of user directories, and it was still a PITA), and email that might come from other, legitimate sources - friends and family for instance. The "response required" approach would work fine if every legitimate email sent was from a human being; but that's just not the case when dealing with e-commerce sites. And don't expect Amazon to make their outbound email reciept address "known" when it could be used for abusive purposes. Just my two cents - "known only" and "response required" are OK ideas, but they do have flaws, and won't solve the Spam problem w/o introducing new ones. - Porter

 [5/6] from: joel:neely:fedex at: 12-Jul-2003 9:02


Hi, all, Speaking of irony, I think I just overdosed! After following (and posting to) the discussion of email-etc, I browsed over to Dilbert and saw today's cartoon: http://www.dilbert.com/comics/dilbert/archive/images/dilbert2003071742312.gif (Watch out for URL-wrap; I used the absolute image link in case someone doesn't get to see this today...) -jn- Joel Neely wrote:

 [6/6] from: carl::cybercraft::co::nz at: 24-Dec-2003 22:23


On 13-Jul-03, Porter Woodward wrote:
> Ken - > I see several problems with the "Accept mail from known contacts
<<quoted lines omitted: 5>>
> send sales reciepts. There's just about no way to know what email > address those messages will be coming from.
What about having a very short, formal format that unsolicited email has to conform to to get noticed? Spammers could still use it, but they'd be restricted to (say) messages of 60 characters or less and with no HTML or URLs in. And perhaps also have an address-book that allows for addresses to have an expiry-date. -- Carl Read
Notes
  • Quoted lines have been omitted from some messages.
    View the message alone to see the lines that have been omitted