Since internet service providers can usualy tell whos computer is infected by using software to monitor trafic they should send these people a letter telling them to fix thier computer or be cut off.

Sounds a bit harsh but with all the free programs out there to protect people from these malware programs that create zombie computers that these numbers are unexeptable.

This would have been correct...a few years ago.

P2P changed that. They can't base anything off of traffic useage anymore. Sure, in a business, you can, very easily. But for the home users, this is no longer true.

And some P2P apps are using SMTP ports now as well, so it gets even harder.

Some ISP's do. Mine for example (www.eircom.net) does.

At the very least internet service providers should have a free online virus scaner and require costomers to run it once every 3-4 months
to continue using thier services even thou they would have people complaining about 3-4 hours a year wasted running a virus scan even thou the idiots dont have to be in front of the computer while the scans are being run.

I say to hell with people who don't care if thier systems are infected as long as it doesn't affect thier mesengers or abilities to play on sites like pogo it's time to start forcing these people to keep thier systems clean of this garbage.

The government should realy inact a law requiring this if the Canadian and U.S governments would do this and start presering the european govenments to do the same how many zomie computers would actualy be fixed i would say the numbers would be in the millions easily.

Not going to happen. Government involvement? Would you like to have that job? 'Regulate every PC in the country.'

Yeah...that'd work.

ISPs would risk losing customers if they forced them into security with a do-or-die policy.

Yeah...that'll happen.

Realistically... It's now up to the OS, and it ain't gonna get better. The spammers will find a way around whatever MS comes up with to block them.

Government regulation would actualy be a requirment to create a level playing field between all the internet service providers.

AS for relying on the OS to protect people your right microsoft can't protect everybody but they Do TRY take mirosofts antispyware it's a decent program i like it better than any other spyware program. not to mention unlike apple they still privide service packs and patches for years after they come out with a product for free to fix the holes the scum are exploiting. Just to bad they can't fix people from going oohhh email lets open it see what it is i wasn't expecting anything. Yes i know email can be spoofed but i always check with the people if i'm not expecting anything it's nessesary these days even with updated antivirus software they still have to find and create a definition for it first.

Dump SMTP/IMAP/POP3. Old tech, not intended for the purpose it currently serves. The ability to spoof email addressess has been around since email originated and simply cannot be fixed without creating other major problems. It was not intended for use on such a massive, uncontrolled scale.

The security just isn't built in, and this problem will *never* go away. Consider how easy it is to set up your own mail server, on your home PCs (hell, the spammers do it for you, now.) How could any enforcement agency/government ever hope to monitor or regulate that? It's just not possible.

Blacklisting won't work. Spam-filters won't work. Educating users....yeah, right.

The way the Email system was designed is the cause, there is no cure for it. Scrap the system and start over....or live with it.

I wouldn't say scrap the entire system, but yeah... we need something better than the current system. I think it would be possible to implement new technology as long as it would be compatible with the old at first. Then ISPs could get their feet wet without a logistical nightmare. The only thing we need now is somebody to create this new technology.

There lies the rub. Fixing what needds to be fixed in the current email protocols (mainly the spoofing issue), would require breaking backwards compatibility. Hence...never gonna happen.

Your statement applies to the whole internet. The infrastructure was not designed with 'policing' in mind.

An effective anti-spam solution works!

POP4 ;)

http://nyti.dyn.ee:81/pop4/pop4/pop4spec.html

IMAP4 ;)

http://www.faqs.org/rfcs/rfc1730.html

Um wonder why no one uses pop4 or imap4. :P

--
Blacklisting won't work. Spam-filters won't work. Educating users....yeah, right.
--
I don't agree. I've Mailwasher: I've a good spamfilter/blacklist which stops (without any manual aid and without error) around 90-95% (around 75/day) of spams (I mean real unsollicited emails). It means that if each ISP integrates a filtering system like that, the amount of spam (at least on its actual form) reaching mailboxes will clearly decrease. But I know that filtering everything is not easy for ISP (need special structures/servers dedicated only to this task)

I "kinda" agree with that statement... :-}
The internet as it is, is way to old skool to do anything about what travels over its lines
whereas the pc itself has grown beyond imagination.. the internet still uses the same ways of communications... here and there some protocol updates... but overall... the viruses and all that junk that plagued us back in the day are still arround in 1 form or another...

In my opinion it shouldnt be the users responsibility to keep installing a million programs to protect themselves...
I wouldnt mind paying a few bux extra to have "the internet" take care of that before any bytes arive at my pc...

I wonder what the Internet2 has as solutions to these problems...
although I2 is way more powerfull then we could currently imagine our internet to be...

and yes i know.. no matter what they do...there is always someone out there who figures a way arround it...

And as soon as a large ISP standardizes on a filter, the spammers will target that filter, thus making it useless...

See where this is going? It's a circle, my friend. No end....

I understand that some filters work. I understand there are ways savvy PC users can protect their systems. But unfortunately, that isn't enough. The spammers have resources to, and if they pick a target filter, it's going down...guaranteed.

What?

Wow...

Both still depend on SMTP...which makes it completely useless as an anti-spam 'fix' for email.

The main reason spammers can get away with what they do so easily, is because they can spoof their email addresses, and because they can run an smtp server anywhere, anytime. Has nothing to do with POP or IMAP, or any revision thereof.

Everyone talks solutions, but no-one, not even those who actually know what they're talking about can come up with a viable solution.

Scrapping SMTP won't work because it's too universal now. Scrapping it would be a logistical nightmare and wouldn't work anyway because you'd have to get other governments involved.

Probably the best bet is to migrate users away from email entirely. There are other alternatives. Usenet, IM, forums, etc, are probably going to need a major kick to get them up to where they'd be a valid replacement, but email simply has to go away. There's no other viable option.

I get ZERO SPAM.
I use a very simple formula:
1) senders must be on my "OK list"; or,

2) senders must place a "KEY" in the email subject. I make one "KEY" available to friends/family/business-contacts, and I have second one that I make available publicly on my web site (so anyone can in theory send me Email). If the current "key" is abused, I just change it, and update the "OK list" to only accept new key.

It is SO simple. I just wish Outlook,etc would support the storing of a "key" along with contact names so this could be universal. It would be impossible (or certainly not worth the cost) for spammers to keep try millions of permutations per addressee trying to figure out what "key" would make it through.

Mike

Email going away? Email is one of the basic services that made the internet successful. Email allows people to send messages instantly around the world for nearly free.

Filters will never be perfect, but some of them are pretty damn good. People running smtp servers on their own computer is a pretty minor source of spam that actually gets in your mailbox. Most isps and email providers blacklist all consumer isp IP blocks.

The only ways to insure 0-almost no spam is by implementing technologies which require widespread adoption. This will be very difficult to do, but a backwards-compatible solution needs to be slowly phased in. Eventually when it is adopted widely enough, ISPs can begin to flip the switch and block all servers/email sources that do not follow the new standard. If this is done, the remaining valid email servers will be forced to implement the technology also or they risk losing customers. This is being done with senderid / spf; although spf only verifies the smtp server has permission to send from the domain, the server is still responsible for verifying users.