Sharing Well with Others

____ ______ writes: Here's something really boring. Some spammer is using my email address as the return address on a lot of spam. Result? Thousands of bounces coming back at me, interspersed with spam directed at me. Is email dying?�

The fact that you can send email from practically any email server that you have access to with any arbitrary return address should be relegated to the dust bin. Perhaps we can't close down all open relays (mail servers that allow anyone on the Internet to send email to anyone else via them). But we can stop an old practice: there's no good reason any more that someone should be able to send email from a return address that doesn't belong to them.

There should be mechanisms that would authenticate this, like, for instance, authenticated sendmail. I maintain that this change wouldn't imperil anonymity: you can still get anonymous accounts which have their own policies and enforcements about the amount of email that's sent out. No, what it means is that no mail server should accept email with a From address that doesn't have a keyed authentication message that uses an algorithm that cannot be forged: digital signatures, for instance.

It might impose a computational burden. It might impose an adminsitrative burden. But when you find out that mid-sized ISPs employ four to a dozen employees whose sole job is to deal with email and related abuse - much like the dozen employees in the New York transit system who flatten dollar bills, no kidding - there's little reason to not impose this cost.