On Tue, 25 Mar 2003, Kee Hinckley wrote:
At 8:36 AM -0800 3/25/03, Chuq Von Rospach wrote:
I would go further. I think we should have a standard mechanism
(akin to mailto:, but probably using a new scheme name) specifically
for whitelisting. If your email client supports whitelisting, it
should support a url that you can click on to automatically whitelist
an address. (And of course, it had better confirm this with the
user, or the spammers will just embed it in an image tag.) Then web
sites can easily provide the user with a way to whitelist the
necessary address or addresses.
--
Is there something in this proposal to prevent spammers from using
Amazon.com as their return address? Do we assume that mail is securely
signed? Or does the whitelist include the IP address of the connecting
system?
Or if not, would amazon.com eventually get to using a unique from: address
for each receipient, that the spammer couldn't guess? If they didn't, they
would have troubles communicating with customers, because noone would want
to put them in their whitelist. But that means that there can't be any
cooperative whitelists, or sharing of whitelists, which is quite a shame.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg