The Real Problem
Sending an e-mail requires four main entities. The author of an e-mail writes a message and a sender, usually the sender’s Internet Service Provider (ISP), sends the message to the Internet. It is beyond the scope of this article to discuss the technical aspects of sending an e-mail to the Internet but suffice it to say that the message potentially travels along many connections and through many servers before being received by the receiver. The receiver is usually the recipient’s ISP. Finally, the recipient’s ISP sends the message to his/her inbox. The path looks something like this:
Author > Sender > Internet > Receiver > Recipient
The whole process can take anywhere from a few seconds to a few days depending on traffic and any errors or anomalies encountered in transit.
The problem with this process is that there is no real verification procedure in place to ensure that the author is really the sender of a message. Some spam filters attempt to blacklist suspicious e-mails but this just means that the recipient must manage and control a list of authorized authors. The nuisance of missing legitimate e-mails is usually worse than dealing with the spam in the first place. It also precludes anyone not on the authorized list from communicating with the recipient.
Since not all unsolicited e-mail is spam, communication lines must be open for anyone to send a message. Imagine if your phone could only receive messages from approved phone numbers. This would greatly reduce the telephone's usefulness because emergency phone calls or legitimate calls from people using a different phone number at a different location could not get their message through.
Another problem with reducing spam is the identification of spammers. From an e-mail point of view, there is no way to universally identify a sender who is using many different e-mails from a variety of ISPs. Some spam filters attempt to block IP addresses, called blacklisting, but this actually causes more problems. Some ISPs rotate and assign different IPs to Internet service customers sometimes as often as every time a connection to the Internet is made. Blacklisting an IP may block a legitimate sender when the blacklisted IP is assigned to a different user.
The Internet and all its communication protocols have their roots in academia and science. Regulation of electronic communication over networks was deemed unnecessary when first utilized. The creators of the technologies and protocols developed to allow people to send e-mail did not consider the need for security and authentication because only a relatively few professionals were involved in its use. The now-archaic standards set down by these early protocols were not able to scale to the levels for which they are now used in terms of security, authentication, and privacy.