[Cryptography] Paid SMTP (PSMTP)
tifkap
metzdowd at bikkel.org
Thu Mar 1 07:43:45 EST 2018
> 2018-03-01 1:15 GMT+03:00 tifkap <[1]metzdowd at bikkel.org>:
>
> >Â Â First, your mail has gone to my spam box at Gmail, which
> funnily shows
> >Â Â we must do better anti-spam. Well, PSMTPÃ does not suffer
> false
> >Â Â positive.
> Of course it does. If I want to spam people, and I'm willing to pay
> a bit more,
> I could do this under a P-SMTP schema. It would simply rise spam
> prices, not
> eliminate them.
> So spamming al CEO's of all fortune 100 company's would cost 1
> dollar instead of
> of 0.0001 dollar .. big deal. In other words: spam would still
> exist, but it would
> be more targeted, because it would be to expensive otherwise.
> I would still 'vote' spam into the spambox, because I don't care
> that the sender
> paid for it. It's still digital crap I don't want to receive (to put
> it mildly).
>
> Dear Paul,
> Please do not judge the P-SMTP world with SMTP glasses. I take it as a
> responsibility to fail explaining P-SMTP world in mail format. A paid
> spam does not have a second chance, and will get blacklisted
> immediately.Â
Really? How?
And if there is a working global reputation system, then why not use this
system instead of pSMTP?
> It is a world with different habbits and routines. A
> finer segregation of incoming mails. It is where your main mail box is
> cleaner, smaller, and full of relevant mails.. It is a mailbox where a
> spam would be too obvious to spot and kick to death. Kicking a seldom
> spam in a beautiful P-SMTP enabled mailbox is a different story than
> strolling through junk mail to find false positives and greys or a
> mailbox of all shades of grey to be sure to blacklist the spammers
> only. A PSMTP user will have no mercy for a *paid* spam and it will be
> just one click to send it to the blacklist hole.
There is no such thing as 'the blackhole list'. There are no organised global
blacklists, just a bunch of disconnected rbl's uribl's and hashix dns bl's.
> I just checked my
> mailbox and spam box. A great deal of the content on both boxes were
> more or less the same for me. I remember deadly false positives and I
> still really have to stroll through a significant list in my mailbox to
> find the really necessary ones to read.
I thing you need a better spamfilter (provider).
> I accept the grey phenomenon, I
> survive, but if this is what we get for the price that majority of the
> mail trafic is sucked by spam, well, I don't accept it. I think the
> time for a paradigm shift on the mail thing has come.Â
> In the above scenario, the spammer not only spends a penny but a
> precious spam resource as well.
Of course not. The majority of spam is sent through hacked php-accounts, bots,etc.
In other words: some poor smuck who is clueless about computers would pay the
bill (think: elderly people, dumb people, etc).
> What does he get in return? Nothing but
> a real kick. Would he risk spamming a P-SMTP account (remember P-SMTP
> BL scheme including DNS BL)?
Would a criminal hesitate about buying a couple of thousand hacked smtp-
accounts to spam milions of people, and let other people pick up the tap /
consequneces?
Since this is allready the way most spammers work, I don't see why they would
not continue to operate that way.
> I don't think so. The very existence of
> anti-spam techniques like greeting delay, greylist temporary rejection,
> nolisting, quit detection all show that when there is a little bit of
> trick in the mail transaction, spammers don't bother and move on to
> another mail address in their list where the process runs in a less
> tricky manner.
No they don't! The moment a couple of systems on the internet do these kind
of things spammers don't bother about how them. But the moment a substancial
number of systems use it spammers simply adjust.
And besides that: lot's of spam (most) is send through legitimate systems, that
do things by the book (so greylisting, etc doesn't work against those systems).
> Therefore, a blacklisting threat would be more than
> enough to scare spammers away.
So paying/e-stamping is useless, blacklisting is the solution? Blacklisting
hasn't worked so far, but don't let that stop you.
> P-SMTP is not just a protocol, it is a philosophy, a spirit, a space of
> new habits, attitudes and routines, backed by ubiquitous, convenient
> private key scheme on end-point TEE security.
No comment
> Regards,
> Ersin
> P.S. I received a spam phone call for VIP services for Monaco Grand
> Prix as I was writing this reponse:) Guys, this shit's got to go:)
>
More information about the cryptography
mailing list