At 8:18 PM -0400 5/6/03, Eric D. Williams wrote:
> No, the problem is that this spoofing is a minor problem and any
solution is easily evaded by spammers.
Please explain how. I think as an exercise it would be instructive to give an
example of how a spoofing solution would be evaded (easily). I agree that
You keep a variety of name servers around the net. You register a
new domain every day (or week, or however often you need to avoid
blocking). And each day you send authorized email "from" the new
domain, using an authorization server that allows mail from any IP
address.
There are already spammers that do the first part. Second part seems
easy enough.
Mind you, I'd love to have anti-spoofing. I think a lot of companies
would like the peace of mind it gives, and god knows I don't need any
more letters from RIAA members telling me that somewhere.com is
stealing their stuff. I also think that moving spammers into a
corner (registering real domains) is interesting. Although in
practice I haven't found those spammers any easier to track down than
any others.
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg