Following up on my earlier post on Simple Sender Authentication, I propose an even simpler way to create an effective white list. The sender need only include a "password" somewhere in his message. I think the best place for it would be in the "signature" at the bottom of the message. If we had smart client software, it could associate the signature with the email address. When a message is received, smart client software could examine the signature and the sender's email address and could decide if the message looks legitimate or suspicious.
Again, this is not security. Obviously, anyone who knows the sender probably has the sender's signature, and so he would be able to forge a message. But how often does this happen? And if or when it does happen, there are social consequences. Would you forge a message from a friend or acquaintance of yours?
It's interesting to consider the possibility of intelligent email clients. Sure, Bayesian-like spam filters try to be intelligent. But in the end, most spam filters make a yes-or-no decision. "Yes" it's spam, or "no" it's not spam. Here are a couple of other ideas about intelligent email clients:
Intelligent sender identification. A client can remember certain facts about a sender, including the email address, the mail client used, the SMTP server that the message is normally submitted to, the signature at the end of the message. By recognizing these features, a smart mail client could sort mail intelligently.
Intelligent mail sorting. A client doesn't have to make a yes-or-no decision about spam. Better would be for the client to sort the new messages in order of relevance. Messages from your wife or kids come first, then your boss, then any messages that mention your current work project, and so on. Last of all come the spam messages.
This method of sorting is more than just spam control. It's the kind of organization we all dream about, taking back control over our lives. It would help us to focus our attention on what is really important, and to cut through so much noise.
Posted by Doug Sauder at October 23, 2003 08:24 AM