I'm not too knowledgeable about this stuff, but would it work if end-to-end encryption was only initiated after the first time somebody replies to an address? e.g. If somebody contacts you for the first time, they lack your public key (and/or a shared secret for authentication) and must send you plaintext. Then, if you reply, you automatically provide them with your public key and/or authentication info to send you encrypted messages in the future. Thus, most spam would be in plain-text, anyone who knows how the system works would avoid discussing sensitive info in the first email they send somebody, and everybody else wouldn't know the difference.
One issue I could see though is the initial email would essentially devolve into a "poke". Nobody would bother writing anything in it, which would mean the spam filters would have nothing to filter on.
>One issue I could see though is the initial email would essentially devolve into a "poke". Nobody would bother writing anything in it, which would mean the spam filters would have nothing to filter on.
That is a good thing: if the first message contains something else that is not just "poke", it's spam.
But spammers would just send "pokes" as well. The system would have nothing to go on besides the reputation of the sender when a poke is initiated, so this is no different than just sending encrypted text to begin with.
It can't just be a poke because why would you reply to someone you don't know? The email has to be sufficiently interesting to convince you to reply, while not containing any confidential information.
Because of my original point. That because it is required to start every email conversation, no one will actually put anything in it, or certainly much less context than you get currently. Which just makes spam prevention and detection harder, meaning you will have to wade through more attempts which get through.
The person I replied to said that "anything that isn't a poke would be spam". Do you really think spammers are that stupid?
MITMing the message with the public key attached would be pretty straightforward and impossible to catch without verification over some other secure channel.
This would be solved by public key encrypting and signing both sides of those messages. Nothing stops people from sharing your public key, so you could develop some kind of one-off token for everyone instead, that way you can kill those tokens after a time.
The question is how do you know that it's actually their public key.
The usual approaches are:
1) verification of the key fingerprint by some other channel, such as the PSTN, but this is obnoxious and feels like tradecraft; you are unlikely to get normal people to do this for normal communications.
2) certification of trust based on 3rd-party verification of government identity documents or control of some address.
3) the web of trust. Might work well for a bunch of security-conscious HN types, but unlikely to be a good solution for people such as our mothers who have neither the cryptographic background to make intelligent decisions about signing keys, nor the inclination to care.
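An added illustration, not part of the thread: a Python sketch of what pinning the key from the first reply can and cannot detect, and where the out-of-band fingerprint check from approach 1 fits. The `KeyPins` class, the addresses, the key bytes and the fingerprint format (SHA-256 over the raw key bytes) are all constructed for this example; real systems such as OpenPGP define their own fingerprint computation.

```python
import hashlib
import hmac

def fingerprint(pubkey: bytes) -> str:
    """SHA-256 of the key bytes, in 4-hex-digit groups for reading aloud."""
    digest = hashlib.sha256(pubkey).hexdigest().upper()
    return " ".join(digest[i:i + 4] for i in range(0, len(digest), 4))

def normalize(fp: str) -> bytes:
    """Ignore spacing and case so a spoken or typed fingerprint compares cleanly."""
    return "".join(fp.split()).upper().encode()

class KeyPins:
    """Hypothetical trust-on-first-use store: address -> [fingerprint, verified?]."""
    def __init__(self):
        self.pins = {}

    def observe(self, address: str, pubkey: bytes) -> str:
        """Record the key seen in a reply and report how it relates to the pin."""
        fp = fingerprint(pubkey)
        if address not in self.pins:
            self.pins[address] = [fp, False]   # first use: nothing to compare against
            return "pinned-unverified"
        pinned_fp, verified = self.pins[address]
        if hmac.compare_digest(normalize(pinned_fp), normalize(fp)):
            return "verified" if verified else "match-unverified"
        return "KEY-CHANGED"                   # never silently replace a pin

    def confirm(self, address: str, spoken_fp: str) -> bool:
        """Compare the pin with a fingerprint obtained over another channel."""
        pin = self.pins[address]
        pin[1] = hmac.compare_digest(normalize(pin[0]), normalize(spoken_fp))
        return pin[1]

# Constructed sample keys (plain byte strings, not real key material).
ALICE_KEY = b"constructed-public-key-bytes-for-alice"
MALLORY_KEY = b"constructed-public-key-bytes-for-mallory"

def demo():
    results = []
    pins = KeyPins()                           # key swapped after the first reply
    results.append(pins.observe("alice@example.org", ALICE_KEY))
    results.append(pins.observe("alice@example.org", MALLORY_KEY))
    blind = KeyPins()                          # key swapped in the first reply
    results.append(blind.observe("alice@example.org", MALLORY_KEY))
    results.append(blind.confirm("alice@example.org", fingerprint(ALICE_KEY)))
    return results

if __name__ == "__main__":
    print(demo())
```

Pinning alone flags a later key change but accepts whatever key arrives first; only the comparison against a fingerprint obtained over another channel exposes a substitution made in the first reply.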
In my mind, the first email would be encrypted using a public address obtained by asking for the key from the receiver's domain's server, or otherwise leveraging the DNS for the receiver's mailserver.