The protocol that has defined e-mail for more than two decades may have a fatal flaw: It trusts you. Developed when the Internet was used almost exclusively by academics, the Simple Mail Transfer Protocol, or SMTP, assumes that you are who you say you are. SMTP makes that assumption because it doesn't suspect that you're sending a Trojan horse virus or fraudulent pleas for money from the relations of deposed African dictators, or that you've hijacked somebody else's computer to send tens of millions of advertisements for herbal Viagra.
In other words, SMTP trusts too much--and that has spam foes, security mavens and even an original architect of today's e-mail system agitating for an overhaul, if not an outright replacement, of the omnipresent protocol.
"I would suggest they just write a new protocol from the beginning," said Suzanne Sluizer, a co-author of SMTP's immediate predecessor and a visiting lecturer at the University of New Mexico, in an interview.
