In response to the August 1 article by Paul Festa, "":
Your article did a good job of citing the difficulty of dealing with spam. We hear frequent calls for replacing the Internet's Simple Mail Transfer Protocol (SMTP), but why is this needed? Moving an installed base of 100-plus million users to a new protocol would be extremely difficult. We need to be certain that doing so is necessary. Some things to consider:
E-mail authentication mechanisms already exist. They are not used very much. Why would a new mechanism fare better?
When there is real consensus about the functional changes that are needed for e-mail, we can start deciding what technical changes will achieve them. Only when we find that we cannot modify SMTP to provide them will it make sense to consider replacing SMTP.
Authenticating an e-mail sender will not prevent spam. It might reduce some kinds of it, but a great deal of spam is from people who are perfectly happy to be correctly identified.
In general, solving spam will be easy--as long as we ignore the installed base of users; the human side of living with the changes; the need to scale use by everyone, everywhere; and the possibility that spammers can easily work around any particular prevention mechanism.
Many of the proposals for spam control do indeed ignore these issues. My current model is how we deal with the cockroach. We cannot eliminate spam, but we can bring it under control. It will take a variety of techniques, from administrative hygiene to real-time "spamicides." Spam will adapt--so must our techniques.