Geekularity

The New York Times & the Associated Press are reporting today that Yahoo & AOL, two of the largest email account providers, are implementing a new system where companies can buy access to recipient email accounts and bypass the SPAM filters. The same spam filters that they are trying to sell to their subscribers as protection.

This seems like a form of extortion and a blatant conflict of interest: “You can take your chances and run through the gauntlet of our spam filters, or you can slip the bouncers a couple of bennies every year to look the other way!” This will in no way help against SPAM. Rather it will be just another revenue stream for Yahoo & AOL until we all realize that it doesn’t work.

It will quickly become ineffective as the first ones to pony up for that access will likely be the spammers themselves. Should they get blocked in the process, no bother! They’ll just use the same tactics they have been using to change their identities and to try again. This system just buys them a couple of days of unfettered access while the spam cops play catch up. Meanwhile, the mom-and-pop store you are hoping to buy a rare book from just sent you a message telling you that one copy just arrived and that you have until noon to respond before they move on to the next person on the waiting list was just dropped into the bottom of your spam bucket because the store owners can’t afford to pay AOL and Yahoo their protection money.

There are other alternatives that are in the works which will likely be more effective:

1. SPF - Sender Policy Framework simply requires all domain owners to identify the servers from which their real email is coming from. Messages from anywhere else can be discarded. If implemented correctly I guarantee that this will cut down on 80% of the unsolicited email out there.
2. ISPs taking more responsibility. Most mass emails originate from computers of unsuspecting broadband customers who don’t know they’re involved. Their computers are infected with some form of malware and are sending out the messages on behalf of a malicious third party. Its not difficult for the network provider to identify a node on their own network which is sending out mass emails. Internet Service Providers could set up simple tripwire programs that would cut off computers until the owner makes contact. Once the owner acknowledges that their computer is causing a problem and makes the repairs, they can get access again. It doesn’t even need to involve the expense of tech support. Using “captive portal” technology used by WiFi hotspots, the owner’s next web surfing session will automatically point them to the appropriate notice and tutorial to fix their machine and to keep it clean.
3. More to follow… but first I must change the diaper of my toughest critic.