[messaging] Modern anti-spam and E2E crypto
mike at plan99.net
Mon Sep 8 04:28:36 PDT 2014
Yes this is the "poke" idea. I think I mentioned something similar a few
days ago w.r.t embedding a user-specific public key into DKIM signed
headers (effectively making email providers into CAs but with much lighter
weight tech than X.509). If you trust the ESP not to do a MITM on your
communication it can work quite nicely.
- Friends don't spam you.
> - You don't converse with spammers.
This is a good rule and Gmail uses it heavily, as do I believe all other
good spam filters.
Unfortunately that rule broke completely a few years ago due to the mass
hijackings that took place, and we saw friends unwillingly spam each other
quite a lot. But with good enough account security it does work once again.
> [Mike Hearn:] are there reasonable restrictions on the
> format of the "pitch for attention" email (2/a) which
> [coupled with a long enough delay before Email-2 is sent]
> would make any kind of spam filtering needless because it
> would disgust spammers enough not to be polite?
I don't know. My concern with this scheme would not be so much spam
filtering - whitelisting senders eliminates all the hard parts of spam
filtering and by replying to someone you implicitly whitelist them. I'd be
more worried about usability and what problem it's actually solving.
Would users understand this rather unintuitive encryption scheme? The first
mail is *not* encrypted, and thus also the subject line, but followups are
... sometimes? Would people forget? Would the UI make it understandable?
What adversaries are in the threat model and how useful is a clear-text
I think a mechanism whereby strangers can't send you encrypted mail unless
you follow up is a lot more implementable than traditional approaches to
E2E mail from an anti-spam perspective, but I have no clear opinion on
whether it sacrifices too much or not.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging