From: "David F. Skoll" <dfs(_at_)roaringpenguin(_dot_)com>
I disagree, because many spammers work hard to remove bad addresses
from their target lists. Other spammers don't, but still others work
hard to honor "unsubscribes" or "removes."
In order to remove bad addresses (as Justin Mason pointed out), or honor
unsubscribes, spammers would need to supply either a valid return address
or a Web page somewhere that's trackable. That's the whole goal of all
the authentication proposals on this scheme.
You can't clean your list unless you can receive bounces, and to receive
bounces, you need to use a valid (and presumably somewhat traceable)
sender address.
That is even more deeply confused than the authentication proposals.
The authentication proposals cannot force spammers to process bounces.
They can only force spammers to have sender addresses that are
authenticated. On the other hand, that many spammers now use valid
return addresses and process bounces without authentication shows that
authentication is indpendent of clean lists.
The authentication proposals are confused about the nature of
authentication. They imagine that it would ever be possible (not to
mention desirable) to force all mail to be inextricably linked to a
human identity such as a U.S. social security number (or EIN for
corporations). As long as it is possible to phone an ISP and get a
new account within minutes, or to sign up for an accout on-line, the
notion of authenticating all mail senders to mail recipients is crazy.
On the other hand, all mail senders are already sufficient authenticated
to ISPs for ISPs to prevent spam if they care. ISPs that demand credit
card numbers and impose significant financial penalties for bad behavior
do not have spam problems.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg