[TriLUG] Designing a new SMTP [Was: Re: [TriLUG] Another sealbroken... thinking of installing a C/R anti-spam system]

Byarlay, Wayne A. wab at purdue.edu
Mon Jan 29 09:28:28 EST 2007


Remember that urban legend that the U.S. Government was going to outlaw
all SMTP servers, except for those run by the U.S. Post office? Ha ha
ha! But anyway:

Exciting ideas! I have never worked on SMTP but I've used it since 1991
or so. This is all strictly from a user standpoint. Let me just
stream-of-conciousness a few ideas in my head...

Going back to the USPS urban legend, think for a moment about how e-mail
does, and doesn't, mirror snail mail. Spammers can essentially set up
their own "Post Office", and this is bad. My proposal would be that
Trilug-SMTP be made of a network of servers that work on a
graylist/trust type of method. For instance:

There are 15 servers happily running T-SMTP. They regularly communicate
with each other about who is trusted. I set up my T-SMTP server, and by
default, I'm a trusted new member of the group. However, my server
starts routing large amounts of e-mail in a short period of time(Flag
#1), most of which is caught by the built-in T-SMTP spam filters (flag
#2), and finally, is reported to be "junk" by users. (another feature of
my imaginary T-SMTP). In fact, many of the fifteen T-SMTP are casting a
wayward eye at my rogue T-SMTP server, and thus it gets individually
blacklisted by those particular servers. Now, your T-SMTP server may
have a threshold level that says, "If sixty percent of my trusted T-SMTP
fellows blacklist an IP, then I too shall blacklist that IP." Then
later, if it is revealed that my T-SMTP server had been hacked, and I
REALLY NEED the T-SMTP world to trust me, I'd have to re-initiate a
"Please remove me from the blacklist!" You have configured your T-SMTP
server to give me, say, Three chances to automatically re-instate you as
a member. But then, if I continue to spam, I get flagged AGAIN, not only
by users manually and servers automatically, but I have a previous
record! A rap sheet! Blacklisted again, and this time, there is not
redemption: My IP shall never be trusted again.

There are pitfalls to this idea, I'm sure, but like I said: I'm a user,
not an admin of SMTP. I just want to help! I HATE SPAM!!! :)

One final note: E-mail clients that allow HTML <a href are LAME!!! It is
due to a client which tries to be helpful but causes harm, that allow
phishers to steal millions of dollars. It drives me crazy. My circuits
are overloaded. Must stop typing now.

wab



More information about the TriLUG mailing list