Jason Hihn <jhihn(_at_)paytimepayroll(_dot_)com> wrote:
Observations:
1) Spam only comes from those we don't know.
Not if it's forged, Outlook worms being the most common example.
This system seems easily implemented, and will go a long way to
eliminate/cut down/make filterable the spam.
SMTP callout address verification is already in use, although it isn't
a complete solution owing to the number of servers out there that do
recipient address checking very late. It also causes problems because
of the number of servers that do not accept email with a null reverse
path, and the number of users that want to receive email from people
with broken setups. It relies on SMTP servers leaking information about
valid addresses, which some don't like from a privacy point of view,
and others don't like because it makes dictionary attacks easier.
Your scheme implies (somewhat unclearly) a per-message component to
the checking, which would require me to tell all my MXs (or some other
authoritative entity in my domain) about all the email I send so that
the recipients can check it.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
CAPE WRATH TO RATTRAY HEAD INCLUDING ORKNEY: SOUTHWEST 6 OR 7, EASING 4 OR 5,
THEN VEERING NORTH OR NORTHEAST 7 OR GALE 8. SHOWERS. MODERATE OR GOOD. ROUGH,
LOCALLY VERY ROUGH OR HIGH LATER.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg