On Wed, 26 Nov 2003 18:05:13 -0500, Yakov Shafranovich
<research(_at_)solidmatrix(_dot_)com> writes:
Chris wrote:
this is a research group. we should research and then make
recommendations
This is an engineering workgroup, not a fantasy land workgroup.
The scope is
control of spam. Any protocol changes have to be feasible.
BEFORE you propose throwing out SMTP you have to explain exactly what is
wrong with it and the reason why incremental change is not possible.
Please re read my original post
I do not intend to throw out SMTP they are your words
pull *IS* smtp
with two extra steps outgoing request and incoming accept/deny
both can use the current infrastructure UNCHANGED
The question is how is going to help stem spam. That needs to be
answered before going into minute details of implementation.
Pull might help stop spam. Right now, a sender system only has to
exist to inject a single message for it to get through. With a pull
mechanism, the sender must remain at a stable IP address for at least
a few hours to a few days. Sending systems can't be ephemeral anymore.
By a pull system what I mean is a system where a sender pushes an
announcement that a message is ready. A recipient then 'pulls' the
message from the sender at a later time just as they are. The push
message contains a nonce for retrieval and a cryptographic digest of
the message.
With a pull system, you can 'retroactively' block access to messages
sent from malicious serveres, by exploiting the hours or days between
being sent and being read. This is because the messages have yet to be
distributed to a million mailboxes.
Whether or not this is worth a protocol change I won't say, but it is
another mechanism. I hate to say it, but from reading ASRG, people
seem unwilling to make hard choices.
Scott
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg