Lots of people are suggesting that the ever-increasing wave of spam may bring e-mail as utility to its knees. Others are saying that when something is threatened, it fights back.
Paul Vixie is a genuine Internet pioneer, and a (the?) DNS guru. He was behind one of the big — and somewhat controversial — projects to 'blackhole' ISPs whose equipment was used by spammers. But although those projects did block some spam — and also caused harm to innocent bystanders — they proved insufficient to stem the spam tide.
Yesterday, Vixie (on the Nanog mailing list) delivered a prophesy about where this is leading. It deserves to be taken seriously. It is not pretty. In Vixie's view, if blackholing fails, the next step is a whitelist Internet—at the service provider level.
… you'd better prepare for the inevitability of widespread filtering against your DSL/Cable blocks
DSL/Cable is a fine access product, it's better than a phone line & modem because it allows faster web surfing, movies/mp3/etc on demand, and soon VoIP. but no e-mail server anywhere can afford the risk of accepting e-mail or any other push-data from them. risk management, in this case, is going to come in the form of widespread e-mail rejection from all DSL/ Cable blocks. “talk to the hand.”
[Then, in response to an earlier poster's suggestion that the solution to spam is “better ways to identify the specific sources of the unwanted traffic, even if they change IP addresses”]
my informal survey says the bad guys are better at this stuff than we are,
and they're getting better every day, and we're not. the trend isn't good.
As a DSL user I find the idea that my email will be seen as 'high risk' to be very ominous.
I just ran into this (or something close) — emailing to a Miami firm, it shut out my DSL ip, but I could get through using my dial-up. Too much is invested in broadband, however, for them to become obsolete over this issue.
There are some people doing this already, at least to cable blocks. SATN had a rant against it a couple of months ago.
It shouldn’t be called a whitelist, though. It’s an extension of the blacklists, except instead of blacklisting individual IPs as they’re caught doing something, Vixie’s calling for blacklisting whole blocks of IPs which haven’t done anything but might. Pre-crime? The idea seems to be that because blacklisting hasn’t worked, we ought to blacklist more.
My assumption — and I hope I’m right — is that the linux distributions would evolve to include the sort of authentication that your upstream ISP would recognize as a secure server. At least for those of us who run our own web and mail servers from home, I trust that the tools we use will keep up with the ISPs.
Paul is not exactly the most accurate prognosticator in the spam world. He came up with a technical hack for publishing blacklist information, he anticipated some of the legal issues. But look at the completely predictable legal mess that MAPS got into.
Paul also has a history of making sweeping statements that simply do not pan out. He thought at one time that he could force other ISPs into complying with his demands by threatening ‘collateral damage’. The idea that this would lead to legal consequences did not occur. You won’t find the humiliating lawsuit losses mentione on the MAPS site.
There are a lot of people who are speculating about cutting off DSL access. It is utterly stupid talk by people who have little clue about where the market is headed. In a few years time practically all Internet service in the US will be delivered via Cable or DSL. Most businesses will be on DSL, not T1 lines. Sure some idiots will have blanket blacklists against DSL, but they will be few in number. Same way that there are some prominent anti-spam chuckleheads who advocate blocking all mail from hotmail, yahoo and other freemail providers.
What is really going on here is that there is a faction who really, really hates the fact that the Internet became a resource for the masses. They know they cannot reverse that process but they want the next best thing, which for them is kind of a Fraternity for ‘real internet users’.