A small addition to the IMAP/POP email protocols could significantly reduce spam if adopted. IMAP and POP are used to get email from email servers and download it to your computer. IMAP is far more advanced than POP in that it allows you to create server side folders and store email there. So IMAP can both download and upload email.

Since IMAP can upload email then why not let IMAP be the transport for sending email out from the client instead of using SMTP? The email user would be able to upload the outgoing email over the same connection that it receives incoming email. This eliminates the need for a separate connection and a separate setup for outgoing mail.

The way it would work is the IMAP server would receive the outgoing message and then hand it off to the outgoing SMTP server that would send it to the recipient’s email server. Mail would just go out over the existing connection rather than having to establish a different connection using a different setup and a different protocol. Advantages would include:

  1. Half the setup time. The incoming email setting would also be your outgoing email settings.
  2. Verification – outgoing email could be certified by the server that it came from a person who could read the email address that they were sending from. This would reduce email spoofing.
  3. Eventually SMTP protocol could be eliminated from consumers making SMTP a server to server protocol only.

One of the problems with detecting spam is that the SMTP protocol is the same whether you are an end user sending email or an email server sending email. Thus virus infected spam zombies look like consumers sending email and servers sending email. If SMTP were limited eventually to servers only then spambots would go away as ISPs closed port 25 to the public and forced end users to use outgoing IMAP or submission protocol on port 587. If computer viruses are isolated then they can’t spread and the virus problem will, for the most part, go away.

  1. Mike says:

    What does the picture of this woman have to do with any story? has this website adopted the techtv theory that more cleavage is better for any story? I have no problem with gratuitous sex if it at least has some connection to the story. is this really John’s wife?

  2. amby72 says:

    well, it is actually a really tight firefox shirt she is wearing. so that is ridiculously hot. I want.

  3. Greg Allen says:

    Let’s get’er done! Do it, tech guys.

    I think I got my first spam about fifteen years ago and it’s crazy that the problem hasn’t been solved yet.

  4. BlackCat40 says:

    I agree. If it were a really tight Thunderbird shirt then it would make sense.

  5. Greg Allen says:

    See… that’s a problem with this blog’s habit of using any excuse to put a “blog babe” up on any post possible.

    Now we’re talking about the picture, instead of the issue.

    The open-source community reminds me of my Democratic leadership. They carp and whine but they don’t solve the problems when they have some power.

    Finally with Linux, Apache, Thunderbird, etc the Open Source community could be a real agent for change — and FINALLY fix the crazy openness of Internet communications, leading to spam, spoofing, scams, fraud, etc.

    C’mon Geeks! This is your chance to save the world! Step up!

    For starters, encrypt and sign all our email, by default, transparently. Seems like this proposals here is a good tool for the signing.

  6. Phillep says:

    Hey, hot chicks are the reason for coming here! MORE MORE MORE. (Bouncy moving gifs work too).

  7. magicmarkers says:

    postfix ftw

    smtpd_helo_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_non_fqdn_hostname, reject_unknown_hostname, reject_invalid_hostname, permit

    smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_multi_recipient_bounce, reject_non_fqdn_recipient, reject_unknown_recipient_domain

  8. jdm says:

    A good start, but it doesn’t go far enough. Don’t just isolate SMTTP to servers; all ISPs should switch to Web browser-based email and get rid of POP3 altogether too. The real problem will be the burden on the ISP’s tech support for all the customers whose POP3 email will temporarily break before they change their email client configuration.

    The POP3 and SMTP protocols should have been abandoned years ago for a newer version of IMAP that supports true authentication of the sender and verification of the receiver. POP3 and SMTP will never die, but they can fall into grave disuse as so many other outdated Internet protocols have.

  9. johns says:

    Don’t you dare reduce… oh spam, ok.

  10. Mac Guy says:

    Am I the only geek here who thinks this rant is overly-simplistic and lacking a million details? Am I the only geek here who thinks this won’t do a damn thing to the amount of spam being sent?

    Four REAL solutions:
    1 – Keep your sendmail patched.
    2 – Get good filtering on incoming messages. RTBL is the way to go. I get a couple hundred spam messages hitting my server every day, but only 1 or 2 actually make it to my inbox, if that.
    3 – Turn off relaying on sendmail, for god’s sake. You don’t need it.
    4 – Require authentication on your SMTP server.

    I get no spam, and I don’t pay someone like John does. 😉

  11. pjakobs says:

    what the message of this image? Firefox: it’s about content!



    ps: what was the article about?

  12. emeryjay says:

    She reminds me of booth babes John usta talk about. Let’s ask the blog babe. She’s wearing a tight firefox shirt, so she’s bound to be smart.



    Personally I think she will favor the IMAP strategy…

  13. mike_c says:

    I agree that the idea posted here is flawed.

    But more to the point, that Firefox top is a fake I am afraid. Its a nice bit of Photoshopping.

  14. Marc says:

    The idea may be weak if reasonable at all, but to kill the botnets and virus emails by taking out their ‘current’ primary protocol is something worth shooting for. End users, or even network admins, shouldn’t HAVE to have thousands of spam messages hitting their systems. The problem is the botnets not the recipients. Thus far much of the work has been done on the recipient end, that’s a band-aid.

  15. badcam says:

    After looking at her, I seem to be building up quite a lot of Spam. No, wait a minute, it seems to be going now…ahhhh…hold on….wait just one more minute…’s going!…yes, it’ going now….the Spam is going….going…going……going….Ahhh…GONE…no more spam…Argh!!!……..I feel so much more relaxed now….much better…NO MORE SPAM…


Bad Behavior has blocked 4543 access attempts in the last 7 days.