In other words, widespread implementation of LMAP (which would be a good
thing) would lead to more compromised machines (which would be a bad
thing) ;-)
What solutions are there that don't suffer this problem?
I am not saying there are any better solutions. LMAP (or something like that)
would go a long way towards reducing the problem caused by spam with forged
headers. All I am saying is that if/when some method like LMAP will be
adopted, spammers will put increased emphasis on methods not affected by
LMAP, such as:
1) "Disposable" accounts - get an account somewhere, violate the AUP
and spam until the account is shut down.
2) Rogue ISPs.
3) Zombies...networks of compromised machines, used to send spam
"in the name" of the owner of the machines.
Those are not reasons not to implement LMAP or any other protocol to reach
the same goal - I am all for any method that will reduce forgery - all I
am saying is that we can expect a changed strategy by spammers, and other
methods will be needed to deal with that.
--
Fridrik Skulason Frisk Software International phone: +354-540-7400
Author of F-PROT E-mail: frisk(_at_)f-prot(_dot_)com fax:
+354-540-7401
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg