Anteris Web

Free Internet Messaging Provider and Development Platform

Message Exchange on the Internet

The main form of bilateral information interchange on the Internet is probably Email. Real time message interchange - chat - is surely very important and becomes more important with increasing connection rates; however, the ability to send messages asynchronously remains of the highest importance to many users of the Internet.

Traditional Email uses the SMTP protocol for message delivery. SMTP has become a major nightmare in today's Internet. It may be the most abused protocol, and the damage done by unsolicited (commercial) email (UCE) and virus-borne email messages is calculated in tens of thousands of dollars a year.

There are numerous proposals to fight `Spam': sender domain policies, neural filters to prefilter Spam, IP blacklists, server side antivirus programs, etc.

Anteris Web is meant to be a testbed for one of the alternative approaches to Internet Mail: whitelist centered message delivery, combined with message exchange based on the publish-subscribe principle.

A new Email system has to be designed which replaces SMTP and overcomes the intrinsic weaknesses that are being abused by UCE and viruses.

Free Internet Messaging

Anteris Web provides free "traditional" Email accounts, just like Yahoo! or Hotmail. It strives to provide free Email-provider software that is easy to set up and to manage, based solely on Free Software components.

Anteris Web initially uses SMTP as its Email transport mechanism; however, each account is protected by TMDA - a whitelist centered Anti-Spam mechanism.

I hope to attract Internet Users to use Anteris Web as their Email platform and thus become acquainted with the whitelist centered approach. This way a community of Internet Users shall be created, which is willing to test the upcoming approaches.

I also hope that the availability of the source code of Anteris Web attracts Internet Service Providers to use it as their Account Management Platform, and thus share experience and improvements to the code, as well as widen the user base even more.

Furthermore, I registered the Internet domain anteris.net, and will gladly delegate subdomains to sites running the Anteris Web Software. By now there exists the `ni.anteris.net' domain, primarily intended to be used by people in Nicaragua. I hope that other country code based anteris.net subdomains will be installed soon. The name "anteris.net" was chosen to provide short and distinguished Email addresses that are attractive for the end user.

The Anteris Web Email solution is intended to provide Instant Messaging and Chatrooms via the Jabber protocol, as well as Web based Bulletin Boards, Discussion rooms and Mailing lists via the OpenACS platform, and in this way cover a broad spectrum of known information interchange techniques.

Commercial Use of the Internet

The commercial use of the Internet is not only legitimate, it will be a more and more important factor in financing communication costs.

Anteris Web's concept encourages controlled commercial use of the Internet. The control, however, shall be in the hands of the consumer. Anteris Web understands its role as a service center for information interchange. The costs of operation have to be raised by some means, and one of the possible means is advertising. If a user covers the costs by him/herself, s/he has to be able to opt completely out of advertising. On the other hand, a user can choose to receive advertisements, whose payment by the advertiser then covers part or all of the cost of operation of the account.

Anteris Web shall also be able to function as an advertising center. Advertising in the end is also information exchange, and Anteris Web can do a good job on it. Advertisers should be able to deposit categorized Information about their offers, while on the other hand Anteris Web end users would be able to access selectively the advertisements they are precisely interested in.

Status of the Anteris Web Project

Currently, as of 23 October 2004, there is one (1) server hosted by Netport in Managua/Nicaragua, with a handful of Email accounts.

It has a basic OpenACS installation, augmented by the Anteris Web specific Posix-Account module, which converts the OpenACS users into (Unix)-mail accounts.

Another module, `oacpw', is a checkpassword compatible authentication module, which authenticates user/password credentials against the OpenACS/Posix-Account user database. This module is used by the IMAP server.

Currently, IlohaMail is used as the Webmail interface at www.ni.anteris.net.

That is all there is to it!

What is dearly needed is automatic creation of the home directory and the Mailbox, as well as automatic engagement of TMDA, when creating the OpenACS account for a new user.

IlohaMail is not fit for the better part of TMDA - on the fly creation of Sender Address extensions. And Jabber authentication either needs to be adapted to access the OpenACS/Posix-Accounts directly or to use the oacpw module for authentication, in order to provide instant Chat accounts to the Anteris Web users.

Whitelist Centered, Publish-Subscribe Based Messaging

Traditional Email Accounts receive Email from *Anybody* without questioning. This is similar to ripping out the door to your house -- you wouldn't likely do this.

Methods of protection against abuse of this approach maintain lists of unwanted senders, be it in the form of blacklisted Email addresses or blacklisted Mailservers. This is known as the blacklist centered approach to Spam defense.

However, would you put a guard at the open door of your house and tell him to let anybody in unless it is Peter, Paul and Mary? -- also not very likely. You would rather tell him to let nobody in, unless it is somebody known, and known to be acceptable in your house.

This is the whitelist centered approach. In its simplest but inconvenient form: Email is only accepted from persons (Email addresses) or mailservers which are on a whitelist.

Since there are zillions of Email addresses from which you would rather not expect or desire an Email, but only tens, hundreds, or possibly a few thousand Email addresses from which you gladly accept a message, the whitelist centered approach is manageable and scalable. The blacklist centered approach, taken to its final consequence, would mean listing all but the few acceptable Email addresses in the blacklist - that means: zillions.

The biggest problem with the whitelist centered approach is: how can somebody get on the whitelist, if s/he cannot send you an Email to ask you to put her/him there?

There are many approaches to this, and TMDA, for example, implements several of them:

In fact, any rules can be used to authorize or whitelist a message: trust in some certification or digital signature, trust in some sender policy, or even indiscriminate trust in any Email message received. The latter would mean that you don't rip out the door to your house, you just leave it wide open day and night. However, you can choose to close it anytime.

I am convinced that a future Email system has to be based on a whitelist centered approach, and Anteris Web shall explore this concept.

Now to the publish-subscribe mechanism: Traditional Email is based on the store and forward principle. The originator of a message puts one or several destination addresses on it, and then injects the message into the Email system. Each intermediate Email server stores the message and then forwards it to the next-closest Email server available, until it is stored (delivered) in the Mail box of the recipient(s). This is very similar to the way good old surface Mail works.

The publish-subscribe principle consists in depositing the message itself into an outgoing Mail box, and then publishing a notice of availability to the recipient(s). The recipients can now choose to retrieve a copy of the message from the Mail box - they `subscribe' to it.

The implications of this mechanism are more subtle than those of the whitelist centered approach. Primarily it is assumed that the notification messages, which probably have to be transmitted by the store and forward mechanism, are much smaller than the message contents. So, if the reception of a message is not desired by some recipient, or the recipient address is wrong, the original message never gets transmitted, and the wasted bandwidth and storage volume are smaller in comparison to the traditional forwarding of the whole message.

Another characteristic of this method is that the sender has to provide the storage and transmission bandwidth for all retrieved messages. In the traditional Email system, spammers are able to inject thousands, even millions of Email messages at the cost of a few low bandwidth connections to open relays or vulnerable computers, which retransmit the messages at the cost of their owners.

Finally, the sender has to reveal the origin of the message, and can therefore be made responsible, or at least blocked easily. Currently, spammers can operate from the same account/connection for a long time by faking the real origin of the message. Since the Email system does not check the origin, the messages get forwarded. If an intermediate server (e.g. open relay) gets blocked, the spammer just switches to another one and continues the abuse. With the publish-subscribe mechanism, forging the sender address (Mailbox location) makes no sense at all.
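
The following sketch is an added example, not code from Anteris Web or TMDA. It models the whitelist check combined with publish-subscribe retrieval as described above; all class and field names are hypothetical and the addresses are constructed. It shows that a non-whitelisted body is never transferred, that the sender's mailbox pays for every retrieval, and that a notice with a forged Mailbox location has nothing behind it to fetch.

```python
# Added illustration; class, field and address names are hypothetical/constructed.
from dataclasses import dataclass, field

@dataclass
class Notice:  # small notice, travels store-and-forward; the body stays with the sender
    mailbox: str   # location of the sender's outgoing mailbox
    msg_id: str
    subject: str
    def size(self):
        return len(self.mailbox) + len(self.msg_id) + len(self.subject)

@dataclass
class Outbox:  # sender-side store: the sender pays storage and bandwidth
    location: str
    messages: dict = field(default_factory=dict)
    bytes_served: int = 0
    def publish(self, msg_id, subject, body):
        self.messages[msg_id] = body            # deposit, do not push
        return Notice(self.location, msg_id, subject)
    def retrieve(self, msg_id):
        body = self.messages[msg_id]
        self.bytes_served += len(body)
        return body

@dataclass
class Recipient:
    whitelist: set
    inbox: list = field(default_factory=list)
    bytes_received: int = 0
    def on_notice(self, notice, network):
        self.bytes_received += notice.size()
        if notice.mailbox not in self.whitelist:
            return "ignored"                    # body is never transferred
        outbox = network.get(notice.mailbox)    # fetch from the stated origin only
        if outbox is None or notice.msg_id not in outbox.messages:
            return "unretrievable"              # forged origin: nothing to fetch
        body = outbox.retrieve(notice.msg_id)
        self.bytes_received += len(body)
        self.inbox.append(body)
        return "delivered"

def run_demo():
    friend, bulk = Outbox("friend@example.org"), Outbox("bulk@example.net")
    network = {o.location: o for o in (friend, bulk)}
    rcpt = Recipient(whitelist={"friend@example.org"})
    notices = [friend.publish("m1", "hello", "see you at noon"),
               bulk.publish("s1", "offer", "x" * 10_000),       # not whitelisted
               Notice("friend@example.org", "s2", "offer")]     # forged origin
    return [rcpt.on_notice(n, network) for n in notices], rcpt.bytes_received, bulk.bytes_served
```

run_demo() returns the three delivery outcomes, the bytes the recipient received in total, and the bytes the bulk sender's mailbox had to serve.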

While whitelist centered approaches already exist, there is little existing experience with, and there are few useful implementations of, the publish-subscribe mechanism for Email interchange.