-----Original Message-----
From: Eric D. Williams [mailto:eric(_at_)infobro(_dot_)com]
Sent: Monday, March 31, 2003 3:09 PM
To: 'Hallam-Baker, Phillip'; 'Jason Hihn'; Jim Youll; David F. Skoll;
asrg(_at_)ietf(_dot_)org
Subject: RE: [Asrg] How to defeat spam that uses encryption?
...
All: A question is the discussion of end-user MUA technology uses
of encryption
something people want to address as a 'spam' control solution?
This is just a
question.
I certainly hope not. End to end encryption will destroy server-side content
filtering, unless it holds private keys in escrow. If it does, it's not
that bad, though there are several advantages drawbacks:
1d) Bandwith of public key retrieval. I'm assuming you have to ask my email
server for by pub key before sending me a message.
1a) slows you down, increases your bandwidth needs. Requires you to work in
lock-step with other email servers that may be sharing information and
conspiring against you (RTBL, see 3a)
2a) eliminates one-message-to-all, takes more CPU
2d) hurts mailing lists, takes more CPU
3d) you're a spammer and you will know I exist
3a) Before sending a pub key, check B&w lists
Of course, these keys could be implemented completely transparently to the
user.
But I think we are better off NOT using it, just for the fact that I don't
want anyone to be able to determine that my email address is valid before
sending.
Not to mention that this stuff could not be implemented in a global scale.
France is very much against any kind of encryption. Whatever methods we
choose must be globally applicable, and that fact is enough to eliminate
this as a standard.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg