On Wed, Apr 12, 2023, at 11:01, Keith Moore wrote:
On 4/11/23 20:48, John Levine wrote:
I don't think that "easy to send a bazillion messages in a short time" was a goal of email's design.Nobody ever said it was, but the fact that you can do so is a key reason we have email spam.There are several ways of describing the conditions that permit email spam.
At least at one time, it was common to hear that the problem was that people could send a bazillion messages for (nearly) zero cost.
In these days of widespread DDoS attacks and IP address blocking, you could also say that the spam problem is caused by it being easy to originate mail from anywhere.An alternative description could be that it's easy to create large numbers of distinct pseudonymous email sender addresses. (which is why authentication by itself doesn't necessarily address the problem.)Another is that email makes it easy for a sender to send to any number of strangers without prior arrangement.How one chooses to describe the conditions may presume a particular kind of solution, or exclude one. But that doesn't mean it's the only way to think about it.
It's also decentralised in a way that:
Skype in >10 years, 2 on Signal in five. Similar vanishingly low number of fake contacts on Facebook, Twitter, etc. None of those have contained malicious payloads.
zero of these systems are decentralised, or even federated. So it's much easier to rate limit and look for behaviour patterns.
Yeah, it's not the same thing at all.
Bron.
--
Bron Gondwana, CEO, Fastmail Pty Ltd
brong@xxxxxxxxxxxxxxxx
