I was reading yet another comentary about spam problems this morning and, as usual, mulling the issues it raised.

I had an idea, which I haven’t really given a vast amount of thought to - so it may be pants, but it is worth writing down while it is fresh in my mind - just in case.

SPF - the linking of an IP address to the domain name at the DNS to help prevent unauthorised IP addresses sending emails that claim to come from an email address.

For example, my commercial sites are set up so that the SPF record states that only my server IP address is allowed to send an email from my server. If any other IP address attempts to send an email apparently from me, then that is not a valid email.

The value of this was brought home - quite literally, when I recently updated the SPF record and tried to send some emails from my home PC.

My outbound email server was provided by my home ISP - and they check all outbound emails for SPF validity - and hence blocked all my outbound emails as my home computer IP address did not match my website domain SPF record.

That was actually a good thing - although the error message they sent back could have been a bit clearer.

Now, SPF is not the ultimate solution to spam, but it is a useful tool.

Here is the proposal.

Quite simple really, all domain names when registered must have an SPF record associated with them.

It becomes a mandatory policy.

If I buy a domain name, typically the seller would offer a basic webhosting package etc., and they would set up the SPF for their IP addresses.

When/if I migrate that domain to another webhosts - then I have to update the SPF to point to the new IP address - that is a condition of leasing the domain name.

Any domain name without an SPF (or an incorrectly configured SPF) would find it impossible to send emails as every inbound ISP would then start applying stricter controls to SPF validation.

Yes, some spammers would still set up their SPF/IP correctly - this doesn’t prevent that.

What it does do though, is target the increasing problem of so called “zombie PCs”, where a virus on a home computer sends spams on behalf of someone else. As the IP address of the home PC would not agree with the domain SPF record, then the emails would be rejected - hopefully by the outbound ISP itself.

A suitable error message sent back to the ISP’s customer warning them of the situation would also prompt them to carry out a virus scan on their PC to de-zombify their computers.

This then reduces the appeal of using zombie PCs to send spams.

Just an idea I am mulling.

What do you think?

References:

http://spamfighter666.blogspot.com/2006/12/trench-warfare-in-age-of-laser-guided.html

http://www.openspf.org/

OK, I am sure everyone knows this already, but it was news to me.

When working, I am often right-clicking, scrolling to a menu option then left clicking to activate the option highlighted.

I just noticed that I can right-click to select the menu, scroll down - then right-click AGAIN to select it.

Yay!

I tend to get RSI at times, and most of it is mouse generated, expecially when I am doing a lot of left clicking.

This should reduce my left-clicks by about 10% and help alleviate any RSI attacks.

For the record, I have tested this in MSie6, Firefox 2 and several MS Office applications - all running on Windows.

Afghanistan is variously reported to be responsible for between 80% and 90% of the global opium production – leading to heroin supplies.

The usual method for dealing with this is draconian laws and a small fortune spent on enforcing those laws.

Let us look at an alternative:

Why not just buy up the opium supply before it reaches the dealers and drug traffickers?

.

I did a bit of Googling, and find that according to the United Nations; the cash crop value of opium production in Afghanistan was worth US$600 million in 2004. The export value after the dealers add their mark-up was US$2.4 billion.

Now, $2.4 billion is frankly a tiny amount of money in the big picture, and almost certainly far less than is spent by law enforcement on trying to stop heroin distribution once it leaves Afghanistan.

Apparently, production was higher during 2006 – but let us presume a cash crop value of US$1 billion.

The various bodies in Afghanistan go to the farmers and say quite simply, if you stop growing opium, and start growing non-narcotic crops (foods, cottons etc.) then when the harvest is due – we will pay you the equivalent in cash that you would have earnt from growing opium AND you get to keep all the income/profits from selling your food crops as well.

The result is simple – in most areas of Afghanistan, the farmers will switch from opium to food crops as they will actually make more money from food than from opium.

This also deprives the opium dealers of their income, and most of their profits are funding terrorist activities in Afghanistan (and abroad) – so we collapse the opium supply and wipe out a significant revenue source for the Taliban.

.

Hmmm, so far I cannot see a downside – lets see if there is one.

Well, yes there is:

Firstly, opium production will switch to other countries – but it is unlikely to ever match the output from Afghanistan, so the supply will be seriously cut.

Secondly, drug addicts may switch to different drugs, cocaine etc., so the benefit is limited – but still should be significant enough to justify the tiny cost involved.

Thirdly a downside – but short term and actually, almost a positive. If you wipe out almost the entire opium production, then there are going to be a lot of heroin addicts going “cold turkey” and in need of medical care.

But once they are out of that, they would no longer be addicts, and hence the demand for heroin would also decline, making it a less viable crop to grow anyway.

.

So, the current method of spending billions on law enforcement, criminalizing vast swathes of society and funding terrorists is not working.

To give you some idea of how much it would “save”, the US government estimates that the cost of drug enforcement in 2004 was $11.7 billion – and the cost to the US economy in 2000 estimated at a staggering $160 billion.

So, why not try the other method – simply pay the farmers to stop growing opium.

The cost (US$1 billion) is miniscule – not even a rounding error in government spending and would solve so many problems, and just think what $160 billion spent on “legal” items would do for the US economy.

I focus on US figures as they are the easiest to acquire – the same would apply to all countries of course.

Politicians, please take note.

Sources:

http://www.whitehousedrugpolicy.gov/publications/factsht/drugdata/index.html

http://www.unodc.org/pdf/afg/afghanistan_opium_survey_factsheet_04.pdf

http://www.economist.com/world/international/displaystory.cfm?story_id=8499655

I have been banned from drinking coffee for 2 days after I had my teeth cleaned.

I am not sure how I will cope.

I am also banned from red wine and curry.

I might just end my life frankly.

i should point out that on Thursday, I may be a tad hyper as I return to coffee.