----- Original Message -----
From: "Peter J. Holzer" <hjp-asrg(_at_)hjp(_dot_)at>
To: <asrg(_at_)ietf(_dot_)org>
Sent: Monday, December 01, 2003 5:13 AM
Subject: Re: [Asrg] 0. General - anti-harvesting (was Inquiry about
CallerID Verification)
The open question is: Do the requirements, which the RFC puts on the use
of the reverse path (DSN's MUST be sent to the reverse path, the
reverse-path MUST be copied to the Return-Path header on final delivery,
etc.) also constitute a requirement on the sender to provide a valid
return-path? Or is it allowed to insert an invalid path if it isn't
interested in DSNs, Replies, etc.?
In which case, a null address is used. But using a NULL imposes other
restrictions on spammers, that is why it is not used by SPAMMERS. Namely, a
NULL address triggers a single RCPT TO: allowance and only a LOCAL user
allowance, among other things.
I can see no clear requirement in RFC
2821 that the mailbox of the sender MUST be globally reachable and
accept mails. The expectation is clearly there (otherwise the
requirement that DSNs are sent there, or the care in preserving it at
final delivery wouldn't make much sense), but the explicit requirement
is IMHO missing.
That is basically all I am recommending that needs to be done, clarify the
specs and the solutions will come like no tomorrow. It doesn't have to be
an expensive Caller ID method, but it is the only current way to valid it.
The research will immediately go into getting a better, optimized, no
overhead caller id system!
80% of the spammer base will disappear or begin to make them legit, in which
case, makes them traceable. A remarkable improvement will be made to the
industry. The IETF will become sore from all the pats on the back they will
receive. :-)
---
Hector Santos, CTO
WINSERVER "Wildcat! Interactive Net Server"
support: http://www.winserver.com
sales: http://www.santronics.com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg