We often think of fixing malicious activity in terms of systemic solutions, but spammers have moved on to private systems from which to conduct their abuse, and this makes it harder to stop.I saw a disturbing number the other day: According to the latest
MessageLabs Intelligence Report,
by September of this year 25 percent of all spam originated from hosted
Webmail accounts, meaning Yahoo, Hotmail, Gmail and the like. This may
be a huge problem.
I've been a big fan over the years of SMTP authentication and
associated reputation-based systems. The idea behind them is to
identify with certainty the domain of the e-mail sender, something
which the SMTP protocol does not do. Reputation systems then say
whether this domain is one known to be trustworthy, untrustworthy or
some unknown status. Then it's a matter of you setting policy to deal
with this reputation data.
These ideas have been controversial, mostly out of obtuseness about
reputation systems or a distrust of them. Personally, I think they
would do a much better job than doing nothing, so I was for them. But
that may all be moot.
I've been hearing for years now how large numbers of users are
moving their e-mail onto Webmail systems, and the reasons are not hard
to understand. You can use your mail from any computer with a Web
browser, there's no local e-mail client to learn, your e-mail is not
stuck on one local store, and Web 2.0 interfaces make the clients
almost as rich as a real e-mail program.
Read the rest of this article on eWEEK.com.
Online Media 
