I'm sure many of you are in the same boat with email spam. The latest attack here is spam pretending to be a mail returned message. Well I think i have a simple idea to put an end to it.
Currently the techniques are about looking at the content or blocked lists and ... it doesn't work. I still get spam in my mail but i also get real emails in my spam!
So I know what i would do if i could re-invent the email protocol but that is very unlikely to ever happen. So what do you think about this?
- Email arrives in your POP3 public mailbox (mailbox1)
- Program retrieves list of emails (POP3 protocol)
- Program checks which sender domains / address are in allowed list
- Program sends allowed emails to private mailbox (mailbox2) and deletes off public mailbox (mailbox1)
- Program emails the non-allowed email senders a templated email with a GUID in the subject line. Email says nicely "if you are not spam please replay to this email without editing the GUID in the subject line" GUID is stored against the email.
- Program looks for emails with GUID in subject, if GUID matches then original email is sent to private mailbox (mailbox2)
- After configured period of time emails that have not been approved are deleted.
User experience:
- User has a normal email address directed to public mailbox
- User has 2 standard POP3 mailboxes
- User can use whatever software they like to access mail from private mailbox
- Some interface to access the allowed / disallowed list, template and settings
What do you think? Would you be majorly put out if when you sent an email to a new contact an automated email came back and said "are you really you?". Well this could be automated too at some stage?
The point of this exercise is you know who actually sent the email so even if spam responds to your GUID your existing filters can get rid of it.