Subscribe by EmailIt’s time to get rid of email
May 14, 2008 by Chip |
There are few things in life that I hate more than spam. But I hate receiving one type of message even more: delivery status notifications for spam that was sent to bad email addresses, spoofing my address as the sender. Lately, I’ve been getting a couple hundred of these per day. Of course, that means that probably several thousand spam messages reached their destination, fingering me as the sender. I wonder how many mail servers have black-listed me. Even the most intelligent spam filters have probably begun to assign a high spam probability to my address.
As far as I know, there’s very little that can be done about this. SMTP was not designed with spammers in mind. Back when email protocols began evolving in the ’70’s, the only people who used email were innocent geeks. Even though the first spam message was sent thirty years ago, spam didn’t really become a popular marketing tool until everyone and their grandmother got on the Internet in the 1990’s.
Spam isn’t the only reason why email is a broken communication medium, though:
- Delivery is not guaranteed. Between potential problems with your email client, a server hiccup somewhere in between, or any number of junk mail filters that your message might encounter along its journey, the odds of it actually reaching its destination are getting worse daily.
- Too much noise. Even if your message reaches its intended audience’s inbox, they might not even notice it among all the other messages they receive every day – especially since 90% of the ones that aren’t caught by spam filters are still spam.
- It isn’t private. Sure, you can set up secure email, but who goes to the trouble? In my experience, many companies send sensitive business plans over unsecured email. Individuals, too, often send personal information over that same public channel — even passwords.
- Sender spoofing means you can’t trust that the message is from the person that claims to be the sender. If you hit “Reply”, you’d better examine the resulting Reply-to address, or you might not know to whom you’re telling all your deepest secrets.
- HTML mail makes it easy to hide phishing links. A savvy email recipient will never click a link in an HTML email without viewing the source to verify the domain — but how easy is it for most people to be fooled?
Clearly, the time has come for a replacement for email. We need a secure, private service with guaranteed delivery, verified identity, and no spam. Messages should be organized into discrete conversations to which only specific people are granted access — to read or to contribute.
Hmm…I may have just given myself an idea…
- The new web campaign of the day
- Back up files to email with just one right-click
- Working in a zen-like paper-free office
- Have podcasts delivered directly to your email
I too, hate spam, but nothing beats skill and experience to tell “friend” from “foe”. Those 5 points really troublesome. I didn’t know it was so unsafe.
Thank God, I’m a geek in the pink.
I guess the solution is, erm…IMing?
Besides, one of the good things about email is that it doesn’t interrupt you. You can process it when you’re ready, instead of having a message pop up in front of your face.
I’ve noticed, though, that GTalk now buffers messages when you’re offline. That’s a step in the right direction.
//bob
But if you get 200 spoof bounces a day, maybe you really ought to change address…
In particular, some of the key design points of email are:
– Openness to all comers (you don’t need to register/authenticate a machine or person to send email)
– Store and forward architecture on a loosely-structure internetwork
– A plurality of mail-reading tools that can take “delivered” mail and do almost anything with it.
Some of the problems you have with email (notably authentication and misleading html links) are things that can indeed be fixed, but they can be fixed in SMTP/MIME — it’s not necessary to replace it. But the others (notably uncertain delivery and spam) are going to inevitably be problems in any message delivery mechanism that shares those design goals.
I’ve had this argument over and over for years; usually once people understand the underlying constraints, the wholesale replacement of email becomes less appealing. (That’s particularly good because it’s practically impossible to imagine a transition anyway.)
I know that my view may be considered somewhat biased, since I’m associated with the creation of some of these protocols, but I’ll have a hard time taking these proposals seriously until you can tell me how a new protocol would differ from SMTP in such a way as to prevent spam and guarantee delivery. I don’t think it can be done without a lot more central control on the Internet, which would be a cure worse than the disease. — Nathaniel
After thinking on it overnight, I agree with you that email can never be fully replaced.
But I’d like to see a new messaging system that is centrally controlled and private (but provided with an API so client tools could access it, given proper authentication). I’d use that for communicating with my customers and my friends and family — and relegate email to initial contacts only. Then I could afford to ignore it most of the time.
The biggest problem I have with email right now is that it’s doing too many things. Some correspondence should be private, plus it gets lost in all the other noise.
It would be sent in the xtra headers of an email and match a pool of accepted professional email addresses.
Then if the company wants to restrict email usage, it may route all non-tokenized emails to a list of public email addresses of the company for clearing, and only properly tokenized emails could reach individuals of the company.
The drawback: the more tokens to store for one email address, the more searching for allowing an email to go through.
I don’t think this would require any change in the protocols.
Isn’t there something like that in some mail servers?
The problem you’re having isn’t with SMTP or your local email client. The problem you are having is almost certainly caused by using your email address as you sign up for online services, games, widgets, etc…
EMail me if I can help.
Rather than give up on my long-standing address, I’ll probably set up some rule to just trash the delivery failure notices.
Spoofing is also a problem at our email services. The US Army should hunt down Spammers instead of BinLaden. They cause much more problems!
Secure messaging is available. You can use encryption and a secure email service such as “Sub Rosa” from novo-ordo.com.
Spam is more difficult. The reason we have so much spam is because it can be sent en mass at someone else’s expense. Most spam these days come from the armies of botnets that the spammer have set up with other people’s computers. This is easy for them to do because most people use a fundamentally insecure operating system. Unless that can be changed, I do not see a solution to the spam problem.