There has been a lot of discussion recently about the upsurge in
spam, especially the increase in image spam. No one seems to have an
answer. I think that is because they have not recognized the real source
of the problem.
The email delivery protocol SMTP was designed to deliver electronic
mail in the same way that postal mail is delivered: The sender hands the
mail to a service which delivers the message to the inbox of the
recipient. That’s all well and good in the real world, where the sender
has to pay for postage to ensure delivery.
In the electronic world, postage is essentially free. There have been
plenty of suggestions that we tack a delivery charge onto email, with
the idea being that charging for delivery of messages would eliminate
the spam problem. That does not hold, though, since we all receive junk
mail at home, too.
Other suggestions depend on authenticating the source of the message,
with PGP or GPG focusing on the sender while SPF and
DomainKeys focus on the sending server (requiring less configuration
on the part of each individual user). None of these address the true
problem with email:
Your inbox is world-writable.
That simple fact places the burden of dealing with spam entirely on
the recipient. Anyone can send you email, and it is up to you (or your
email client) to filter out messages you do not want.
So, the real solution to the spam problem is to deal with the write
permissions on the inbox. More on that later.