Moreover, although people don't really think of IP spoofing as a
concern due to it's unroutable nature in two way conversations, our
tests have shown that Spammers are increasingly taking advantage of
this on a one way "Broadcast" stream to drop emails with the proper
IP's (especially in a private relay system with NAT'ing).
To quote an old character named Starbuck: "Felgercarb."
SMTP requires end-to-end TCP. The receiving server needs to talk back to the
sending client to receive mail. You need two-way communication to use TCP,
hence SMTP. Who here has demonstrated a practical TCP spoofing attack?
Insecure NATs are another problem entirely but are still at least traceable
to the insecure NAT.
What you're saying here smacks of, well, there are harsher words than
"felgercarb" but they apply here.
We'd love to show you our prototypes.
I don't think anyone here's stopping you. Write and send an internet-draft.
PGP key (0x0AFA039E):
Sometimes it's hard to tell where the game ends and where reality bites,
er, begins. <http://vmyths.com/resource.cfm?id=50&page=1>