>seriously cuts down on people using legitimate email addresses to spoof as the 'from' address.
That's not always bad activity. I have my own domain which forwards to gmail, so all my from headers are "spoofed." Traffic goes out via my ISP and is forwarded back to gmail. It saves my running my own mail server.
I'd prefer better OS security. Have a manifest with each application installed. If that app tries to execute something which hasn't been tagged in the installation manifest as executable, its gets flagged to the user. If it tries to pass off data to another executable outside of its installation manifest, it gets flagged.
Forget some new GUI for windows 10, how about a decent firewall/IDS with MS-supplied geo-lists? Please tell me if my PC ever tries to send things on port 25 to anyone but my ISP. Please tell me if my SMTP exceeds 30 connections per hour or 20 recipients per message. Then work with the ISP's to create a common rules format. This could work for the ISP's as well. Include some QoS rules and people might be willing to shape their torrents during peak hours. With an open format, the FLOSS/OSX chaps can hook in as well.
These are not complex IDS things, but they do need hooks into the OS GUI and logs to provide easy management and exception handling.
Biting the hand that feeds IT
