TechRepublic : A ZDNet Tech Community

Network Administrator

Host: Selena Frye
Contact

E-mail security is a hot topic, as it has been for quite some time, and everyone is looking for the spam-filtering panacea. There are dozens of security vendors out there, who are all touting their proprietary solution, and there are also many different white- and blacklists, each implemented with varying degrees of success. Personally, I have used at least a half dozen different solutions, and like a large percentage in a recent survey, I am very concerned about the proliferation of e-mail-based threats out there.

Habeas Study Confirms Strong, Ongoing Demand for Email in Direct Marketing, Mobile and Web 2.0 Applications (Business Wire)

It really comes down to a question of the near zero-sum game of privacy versus security. In order to keep spam, adware, and other malware out of our environments, we are going to have to give up privacy to someone, but the question is, who? Obviously Microsoft and Google would love to be the repository of all of that information, but my answer is that the consumer should be able to choose who they want to trust to handle that data in a way that the customer approves of.

For e-mail, there could be a central certification authority that legitimate senders could opt in to by choosing to verify information with a company of their choice. The central authority could be managed by the FCC, and people who wanted to restrict their e-mail to only those who verified their identity could subscribe to this whitelist. The consumer could verify different pieces of their identity, much like services such as PayPal implement, through companies they are comfortable with. Businesses could register as well, as long as they meet different requirements related to unsolicited e-mail and unsubscribe policies.

It seems like a win-win solution to me; if a consumer’s e-mail account is hijacked by spammers, the offending computer can at least be identified and the owner notified that her computer may be a zombie. If a business is truly engaging in legitimate activities, they shouldn’t mind certifying compliance, registering, and agreeing to strict regulations. Do you think that such a system would help weed out spam?

Print/View all Posts Comments on this blog

Would you agree to verifying information in order to reduce spam? Andy J. Moon | 06/11/08
seems similar to one of the early ideas Neon Samurai | 06/12/08
I Agree staylor@... | 06/12/08
Hmm, Nice idea, but how do you deal with Verified Users infected by Bots? Tomb@... | 06/12/08
hmm Magic Alex | 06/12/08
Then.... grax | 06/12/08
...also SpamArrest brian@... | 06/16/08
Usefull to know grax | 06/16/08
RE: E-mail security shouldn't be this tough jakatam@... | 06/13/08
We Lose More Than Privacy gbentley@... | 06/16/08
So True - This 'solution' is a very bad idea. Answerfactory | 06/16/08
A third party that mediates is a problem. temp@... | 06/16/08
RE: E-mail security shouldn't be this tough temp@... | 06/16/08

What do you think?

White Papers, Webcasts, and Downloads

Recent Entries

TR on Twitter

Archives

TechRepublic Blogs


500 Things Every Technology Professional Needs to Know
Did you know Microsoft's RegClean does not work with XP but you can use shareware to clean your registry? Did you know most wireless access points don't have encryption enabled by default? Did you know there are 500 tidbits of information contained in TechRepublic's 500 Things Every Technology Professional Needs to Know that will help you become a successful IT professional.
Buy Now
Quick Reference: Linux Commands
Reduce stress and speed up resolutions with the easiest command references right at your fingertips. You'll receive a PDF file covering Linux, packed with the most common commands you'll need and use daily.
Buy Now

SmartPlanet

Click Here