Keith Moore said:
- originator identification/authentication/tracing
(e.g. if you can reliably tell whether a message is coming from a
known spammer, or merely someone of unknown reputation, or someone
you know. this happens at various levels of granularity -
you might know the ISP that is originating the mail, or you
might know what business has that IP address block, or you
might know the specific MTA, or you might be able to identify
the sender via some kind of authentication, either in the
message or out-of-band (say SMTP authentication).)
This is, by far, the most urgent one. SMTP is currently forged on a
massive basis, in order to send spam. If we can come up with a way to
successfully break mail-originator forgery, every other aspect becomes a
whole lot easier.
Regarding the whack-a-mole spamhaus issue, where they register domains
like "somegreatnewspammyoffers439.biz" in order to send authenticated spam
for each spam-run -- that's not a big problem; we'll just be back at the
mid-90s stage, when DNS blacklists *worked well*!
Bottom line: if we're in a forum to "fix SMTP", then IMO mail-originator
forgery should be top priority.
(Disclaimer: I hack on SpamAssassin, which uses message-analysis. But
SpamAssassin's a platform for filtering these days, and I'd love to get
origination-auth so we can support it!)
--j.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg