[Cryptography] Email and IM are ideal candidates for mix networks

[Perry E. Metzger]

On Mon, 26 Aug 2013 06:47:49 +0100 Richard Clayton
<richard at highwayman.com> wrote:
> If you run your own emails system then you'll rapidly find out what
> 2013's spam / malware problem looks like.

This is slightly off topic, but...

As it happens, I run my own email system (and run email for a few
other people at the same time.) My email address is also very very
widely published, so I'm on virtually every spam list in existence.
Thus, I'm reasonably qualified to speak on this.

Things work pretty well, and I spend essentially no time on
required maintenance.

Malware is not a problem. Viruses by email haven't been
prevalent for a while anyway, but because I block all windows
executable formats in attachments at the SMTP server, back when they
were common, none of that traffic got through. 100% coverage.

For spam, I use a couple of reliable RBLs, a few simple block rules,
and spamassassin for postprocessing. I get almost everything. About
ten spams a day get through to me, but on the other hand, I get
hundreds of legitimate messages on an average day and my address is
_very_ widely published.

I think that a zero maintenance box that handles this is probably
doable. One could also set up a peer to peer blacklisting/spam
reporting and detection system that would reduce the problem further
without individual work.

All that said, there is a good reason that I proposed that in the
long run, whitelist only systems like Jabber and Facebook messaging
are a better model.


-- 
Perry E. Metzger		perry at piermont.com