People use Gmail because they legitimately want to filter out the unsolicited spam, marketing, etc. To an anonymous attacker, there is no cost to send these emails. Middlemen like MailChimp and Sendgrid play the role of converting email from a free, publicly exploitable channel into a paid, KYC one.
Email fbfw is the de facto standard communication channel for almost everything, but by design a single computer can send an unlimited number of emails to other addresses. This maybe was a good enough design originally, but now the role of email has grown so much that, today, it should be a paid KYC channel.
What is the alternative to spam filtering? Everyone maintains their own allowlist of good senders?
Make sending email cost the sender. No, I don't know how. The best ideas I've heard (1) make the sender store the message and (2) have no hope of being widely adopted.
People use Gmail because they legitimately want to filter out the unsolicited spam, marketing, etc. To an anonymous attacker, there is no cost to send these emails. Middlemen like MailChimp and Sendgrid play the role of converting email from a free, publicly exploitable channel into a paid, KYC one.
Email fbfw is the de facto standard communication channel for almost everything, but by design a single computer can send an unlimited number of emails to other addresses. This maybe was a good enough design originally, but now the role of email has grown so much that, today, it should be a paid KYC channel.
What is the alternative to spam filtering? Everyone maintains their own allowlist of good senders?