Gburzynski and Maitan set out to provide an economical solution to the growing problem of spam, or unsolicited commercial email, on the Internet. Their intent is to design a solution that works within the constraints of the current simple mail transfer protocol (SMTP)-enabled infrastructure, thus leveraging the technological investments at both the Internet service provider (ISP) and end-user levels, and supporting the phased implementation of their proposed solution, while supporting interoperability with current email standards.
To achieve this admirable goal, the authors describe an automated process for assigning unique transactional email addresses to conversations, rather than users. The software they have developed links those conversational addresses to the actual email addresses of users participating in the conversations, and proxies the delivery of such email to the appropriate parties. While the concept of managing email through the use of party-specific addresses is not new (I’ve been doing it manually for years), the extension of an automated and transparent approach to general end users could have a substantial impact.
While there are implementation issues yet to be resolved, the authors are cognizant of this, and have highlighted vulnerabilities of which they are already aware. Due to the procedural complexities that must be addressed by the users (reminiscent of similar issues with pretty good privacy (PGP)), I am not convinced their prototype qualifies as a solution just yet. However, this documentation of their approach will be invaluable to other researchers in the field, and is recommended accordingly.