Hacker News new | past | comments | ask | show | jobs | submit login

You can mostly get rid of spam by requiring the sender to perform a proof of work if they aren't in your contacts list. I.e. whitelist of senders + proof of work or some kind of configurable per domain quota/proof of work.



I guess that gets rid of all other email as well..


How often do you get email from somebody that you've never gotten email from before?


Exactly once for each contact that has ever sent me an email


Maybe a two-way 'add contact' feature would be useful, like a facebook friend request.


Sure but then it's not standard e-mail any longer.


I remember having a server side system for generating cryptographic email aliases along the lines of:

base64encode(hmac("new-sender@example.com+valid-to+01012018", key))+user@mydomain.com

Truncated to something like fvv544+user@mydomain.com that would only be valid when sent with the from-adress new-sender@example.com (along with some clever magic to avoid email loops! :-)

I think maybe it was authored by ESR (Eric Raymond) in python - but Google only turns up various dkim schemes...

New senders would have their mail held back, and get a "please reply if you are human"-message - a reply (to the "magic" reply-to alias) would release the held mail and whitelist the sender.

A greylist variant of sorts.


I'm talking about now going forward. There are plenty of ways to make a person opt-in the first time they send you something. That process gets rid of more than 99% of spam.


This feels... parochial.

It wouldn't be so good if email turned into Facebook, where you can only contact somebody if the circuit has been established beforehand (i.e., both parties friend each other). What happens if this is the point of initial contact, and there's no other way to get in touch? I have to conspicuously friend this person from my otherwise dormant account and then not think about whether they're going to feel weird when I unfriend them later on?

I sent an unsolicited email a couple weeks ago. Academic-type, self published, personal webpages where I saw something that needed fixing, and so I did. There was no CMS, just a static site—and not the sort where you're running markdown sources through a generator and have a whole Git hosting service apparatus intertwined with hooks sunk into it. Plain, legacy HTML. I saved a local copy to my machine, made my changes, and mailed them in. They happened to be machine-readable patches, given the recipient, but it could have just as well been a message written in natural language. The changes were made, I was thanked, and done.

I'm still upset that in the 90s I could get in contact with almost anybody by looking in the phonebook, but when I tried doing that a few years ago for an old coworker, it was hopeless. Getting the listings for a city you've moved away from can prove to be harder than it seems, even when you know they have a landline.

These are the kinds of things you lose when you assume the world is already fixed in the form that it should maintain going forward.


From every client that a former client has sent my way. 50% of my clients introduce themselves with some variation of "Something happened, Bill gave me your name. Help!".


Does anyone actually use e.g. hashcash though? I love the concept, but it's useless if nobody can use it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: