To Date Wish list: in *addition* to my current system.
After looking at all the ideas in the posts. I have selected the ones that,
as a postmaster, would be easiest to implement and give me the most bang for
my buck.
There is no silver bullet to stop spam but... Make it hard to spam and the
issue will resolve itself.
I liken it to raking leaves. Right now we are one man in the forest with a
rake... a problem that will never be resolved. Now get rid of most of the
trees, are there still leaves? Sure there are, but my man with the rake can
now handle it.
rDNS
message-ID based white list
Registered bulk mailers list.
Master Do Not Call List
Master Honey Pot
Caller-Key-Trust
FIX Mime
Postmaster UN
rDNS-
Please see Hadmut's document. No need to restate. Works as advertised. Glad
to have a hand in it.
http://www.ietf.org/internet-drafts/draft-danisch-dns-rr-smtp-00.txt
Message-ID based white list-
The original message-ID should be maintained throughout life of email for
time sensitive white listing.
Message-ID consists of date/time group and a key consisting of a hash of the
sending MTA's private key, and senders address.
Can "expire" private keys as system determines.
The sending server can verify RE:'d email upon it's return. Possible
drawback: Multiple MTA's must sync keys and maintain keys. A spammer can use
this information, but only to spam one user *IF* they can obtain a proper
message-ID before the private key expires.
Registered Bulk Mailers list-
I think that the DMA would be all for this, especially is this is the
"expected" way that a "reputable" advertiser would conduct business.
The x-header would contain the commercial email sender's registration# and
opt-out email address.
This registration number can be verified with a simple check against a
replicated LDAP database paid for by the advertisers themselves. Synced with
Master Do Not Call List.
What does this have to do with this group? Nothing and everything. This is
my wish list.
Since I am wishing... I would like a email marketer "prove" that I signed up
for his list when I demand it. I send an email to the address listed on the
opt-out x header, but instead of a "UNSUBSCRIBE", I say "MYINFO" and an
email is sent back to my email address telling me exactly how this marketer
got my email address. "e.g.. DATE: 01/01/2001 url:
http://www.greetingcard.com :Original Marketer reference# 987654: Category:
Elected to receive email about books. Marketer reference #1234556:
Master Do Not Call List-
Postmaster can register entire domains.
User can register own email address
Do Not Call List is peppered with honey pot addresses that are coupled with
Master Honey pot
Master Honey pot-
Let the brilliant people on the internet have access to real-time spam.
They can write their own rules against it. Maybe a grant or some other
private fund can come up with money for a system that can parse, catalog and
save the massive amounts of junk, yet still have it available to anyone who
wants it to write their own rules against it. This does not have to be an
uncomplicated system. Who says that SMTP tools must be written at a 5th
grade level? Make it an open-project. Who cares if spammers research the
information too... it has always been the brilliance of the anti-spammers
tested against the spammers.
Caller-Key-Trust-
Sending server says... I know who you are and I trust you somewhat, so I am
going to give you a key to encrypt your mail with until I expire it. While
your email is encrypted, I will white list it.
Microsoft Outlook STILL renders improper MIME-
*sigh*
Postmaster UN-
I would give my contact information to other postmasters to enable the
resolution of issues concerning our respective domains. (Red phone)
*****
"The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential, proprietary, and/or
privileged material. Any review, retransmission, dissemination or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from all
computers."
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg