On Sun, 1 Jan 2023, Phillip Hallam-Baker wrote:
If you want a walled garden, there's no shortage of them but I have two
observations.
If you read to the end you will see that I am absolutely opposed to walled
gardens.
We may have a terminology issue here. If only people on an approved list
can contact you, for me that is the definition of a walled garden.
The exception to that in my current code is that there is one message, a
contact request message that is authorized by default. So, if I have your
contact address (john@xxxxxxxxxxx, @john_levine, whatever) and I don't
already have you in my contacts, the first message I send, is a contact
exchange request saying 'Hi I am PHB, can I send you messages'.
The introduction problem is very hard. Speaking as a spammer, I plan to
buy lists of millions of addresses (which are widely and cheaply
available) and send introduction requests to all of them. If they don't
say yes, I'll do it over and over, maybe with slightly different
identities and requests, and we've just moved the spam into the
introductions. The only way I know of to prevent that is to add friction
to limit the number of requests you can send, but now you have to figure
out how to tell that requests from many different addresses go into the
same friction bucket because they are from the same sender, for some
version of "same".
Or if I buy someting frome an online vendor, I would like to get status
updates from that vendor. How do I add them to my whitelist? Do we
invent some new handshake so as part of the order they tell me what
address to add? Seems awfully complicated. You can't do it manually
since in the paragraph above a lot of my spam intro requests say "I am the
vendor from whom you just bought something".
If the rule is that I only get to use one address, nope. I have nine
phone numbers and use about a thousand e-mail addresses, all quite
legitimately, and I am not interested in an "improved" system where I
can't do that or something close to it.
R's,
John
