Subject: Breaking up the Bot army - we need a plan
Date: Monday 11th December 2006 14:48:44 UTC
As spam keeps increasing in volume and complexity we will eventually lose the war on spam if we don't change the standards. I'd like to open a discussion about what needs to be done and how to go about doing that. So I'll start. Any changes to the standard need to be evolutionary. If we add a new feature to the standard that is so compelling that people give up the old standard and it is phased out.

First - I see bot nets as the biggest culprit. Not just as spammers but as sources for DDOS attacks. In the early days of email only the sharpest people had access to it. Now that consumers are using it they need some protection and we need protection from them. How do we isolate end users so that they can't get viruses as easily and spread them as easily?

By default all consumers should be behind a NAT to protect them from the outside world. Like many of you, I'm someone who works from home and provides some service from home. So I would not want to be prohibited from running an email server from home. But if I had to go to a web panel that my ISP provided to open up ports that would be fine with me.

All outgoing email from consumers should by default be required to use authenticated SMTP or some new authenticated protocol. At least force consumers to use the submission port and block off port 25 for outgoing SMTP by default. If consumers were forced by default to send mail on a different port then servers could determine if they were talking to a consumer or if they were talking to another server. And outgoing email would require a password to send, so the virus wouldn't know the password and the virus wouldn't be able to send email. You could also have the operating system register apps that are allowed to send email and block all apps that aren't specifically allowed.

The idea here is that if you can reduce the mechanisms that allow viruses to spread then there comes a point where viruses go away. All we have to do is get the spreading down to that threshold.

I believe that if we do it right that the bot army threat can be beaten. And if we got to that point the rest would be manageable. We can talk about other things but I'll stop here to focus on the bot army.
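The default policy proposed in the message above (outbound port 25 closed for consumers, the submission port open, a per-customer opt-in through the ISP panel), sketched as an added example that is not part of the original message. The subscriber range, opt-in list, flow records and fan-out threshold are all constructed assumptions; the fan-out check is an addition showing how the blocked attempts double as a signal for infected hosts.

```python
import ipaddress

# All values below are constructed for illustration (assumptions, not from the message).
SUBSCRIBER_NET = ipaddress.ip_network("10.20.0.0/16")   # hypothetical consumer range
PORT25_OPT_IN = {ipaddress.ip_address("10.20.5.9")}     # customer who opened port 25 via the ISP panel
FLOWS = """\
10.20.1.15 198.51.100.7 587
10.20.3.44 203.0.113.10 25
10.20.3.44 203.0.113.25 25
10.20.3.44 192.0.2.80 25
10.20.5.9 203.0.113.10 25
192.0.2.50 203.0.113.10 25
bad line
"""

def decide(src, dport):
    """Return 'allow' or 'block' for one outbound flow under the default policy."""
    if dport != 25:
        return "allow"   # submission (587) requires a password at the mail server instead
    if src not in SUBSCRIBER_NET:
        return "allow"   # server-to-server SMTP is left alone
    if src in PORT25_OPT_IN:
        return "allow"   # customer explicitly asked to run a mail server
    return "block"

def review(flow_text, threshold=3):
    """Count blocked port-25 attempts per subscriber and flag hosts that
    tried to reach `threshold` or more distinct mail servers directly."""
    blocked, targets = {}, {}
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                      # skip malformed records
        try:
            src = ipaddress.ip_address(parts[0])
            dst = ipaddress.ip_address(parts[1])
            dport = int(parts[2])
        except ValueError:
            continue
        if decide(src, dport) == "block":
            blocked[str(src)] = blocked.get(str(src), 0) + 1
            targets.setdefault(str(src), set()).add(str(dst))
    suspects = sorted(s for s, t in targets.items() if len(t) >= threshold)
    return blocked, suspects

if __name__ == "__main__":
    print(review(FLOWS))
```

A subscriber whose machine fans out to many mail servers on port 25 is behaving like a mail server without having opted in, which is the pattern a spam-sending infection produces.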