I started writing a point by point response to the previous message in this
thread, but abandoned it halfway through as it appeared to be degenerating
into extreme silliness. I'll therefore make a brief "closing argument"
instead.
In the fight against spam, it is worth considering the use of a pull-based
transfer of data at some point in the protocol for the following reasons.
1. It defeats the exploitation of open HTTP proxies and other one-way address
hiding schemes; the sender must take a server role.
2. It can act as an improvement over greylisting, since the recipient is in
control of the callback attempt, rather than waiting passively.
3. It could be incorporated into SMTP in an evolutionary manner if desired.
4. It need not present significant new exploit paths for spammers.
Brad Knowles has raised many objections to my defence of "pull" in this thread
so far, quite a few of which I have left unanswered. I intend to leave them
that way: I disagree with them, but addressing them would probably get me
nowhere with Brad, and bore the remainder of the list. Therefore, I rest my
case.
If anyone (other than Brad) feels that my argument is weak in some way, I'll
be happy to consider the issue, either off-list or on.
Regards,
TFBW
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg