Tim Connors wrote:
Gates' idea is being put to use every day on this very mailing list. Notice those GnuPG signatures lots of us seem to use? Try assigning higher "non-spam" scores to GnuPG signed messages.So spammers will simply write their own pgp signatures. After all, PGP only tells you that the person who signed the message was the one who wrote it. Unfortunately, PGP doesn't come with an evil-bit. Reemember, anything the anti-spam community can do, the spammers can do as well. We are very much fighting a losing battle, and only buy (with lots of effort if you want to change the way email works) small amounts of time. The only solution is education, but unforuntalely, 50% of the population are just too god damn fucking stupid to get it - witness the spam for some kind of drug with plenty of spelling errors, that advertises that the business is being shut down by the drugs administration, so get in quick. Who could possibly be so fucking stupid to respond to an ad like that? Unfortunately, enough people to make the whole business profitable.
Spam is a BILLION dollar industry.Get that into your head and then you'll realize that Spam will NEVER go away. Too many people buy it, too many companies profit from it.
If everyone goes to SPF then all you need to do is set up your own ISP and SPF all the spammers and make millions. Spam RBL's are being attacked on the legal front which puts black lists in jepardy. The idea being that businesses have a legal right to solicit their customers and a third party cannot block that. Bitch all you want, but not to me...
Trying to perfectly block spam through a policy (SPF, DNS TXT entries...) is like trying to block advertisement on radio and television. TV advertisers attack TiVO. Public Radio has ads, but they don't call it that.
What makes you think that the Government agencies around the world aren't going to gaurantee some loophole will always exist for spammers? They (spammers) contribute millions of dollars to politicians to guarantee that they stay in business with as little "real" impact as possible. Look at the US CAN-SPAM act. It's an embarassment that I live in this stupid country. Spam is legal under CAN-SPAM and you and I cannot take legal action against them. Only the ISP's can. And a quick change of $$$$ will solve that problem too but you'll never be able to prove it.
The only method with any potential enduring effect will be from a "grass-roots" perspective (God I hate that term these days, it's been so perversed). If you don't come up with something on your own, you will get spam. If you come up with something that is shared you may be attacked.
razor and pyzor have both been heavily compromised so there's little effect there. RBL's are our best chance, but they may not survive legal assaults for very long.
It's a billion dollar industry, both sides of it. And it's going to get really ugly. IMHO, much of what was no longer exists and much of what is to come will pretty much suck.