On Friday 21 May 2004 03:38, Tim Connors wrote: [...] > So spammers will simply write their own pgp signatures. > > After all, PGP only tells you that the person who signed the > message was the one who wrote it. Unfortunately, PGP doesn't come > with an evil-bit. > > Reemember, anything the anti-spam community can do, the spammers > can do as well. We are very much fighting a losing battle, and only > buy (with lots of effort if you want to change the way email works) > small amounts of time. [...] Without wanting to start another war about spam here, I'd just like to say that I think you are missing the point of SPF - or Yahoo's offering. They are primarily aimed at verifying mail doesn't have forged headers. Certainly over 95% of the thousands I receive monthly have forged headers. Also the bulk of the virus/worm spew has forged headers. If spammers used verifyable send addresses, complaints would be simple.
I see no reason why people shouldn't buy dodgy pharmaceuticals if they want to. I myself would opt into some sectors of advertising email if any opt-in system became practical (not pharmaceutical supplies, though). But no opt-in or filtering system is workable while most emails are unreplyable because the headers are forged. Eliminate that problem, and the remaining question of spam control becomes more manageable by a range of measures. And remember that prohibition always creates a black market. The prefered solution has to be more permissive. Which means "let those who want do it, as long as I don't have to be inconvenienced". I do agree with you about education, though. People should learn _never_ to buy from someone whose reply email address is suspect -- never even to click on a link, never even to open the mail. If we all did that the flow would dry up. Of course, that is what SPF would do for us automatically. -- richard -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
