On Mon, 3 Mar 2003, Hadmut Danisch wrote:
Believe me, it is. About a year ago, some Spammers were sending
millions of mails around the world and used random addresses from
my domain as sender addresses. I received tons of complaints and
cursing threats from people who received Spam, but didn't want to
believe that I don't have anything to do with it.
Actually the proposal is very helpfull in this regard. Whereas now any
spammer can forge your address from any injection point, if the proposal
were widely accepted, then only the next person on your IP address could
forge your address, and I am not sure how easily he could arrange to be in
this position. He can look up your authorized smtp sending IP address
easily enough, but how easy would it be for him to get the providor to
issue that address to him? Would Radius or DHCP hand them out at random,
or could he bias the result in some way to raise his chances of getting
your old address?
Somehow it seems more practical to just buy a domain name and use it till
the spam filters catch on, although $10 is probably significant for many
spammers.
By this reasoning, the proposal could succeed at providing authentication
without actually reducing spam. Which is not a condemnation.
One thing to remember is that no single action will eliminate spam, but
some combination will. We have to ask "is this going to be part of the
combination"?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg