Hallam-Baker, Phillip wrote:
99.99% of the spam I get is forged. Call me naive, but this says to
me that spammers believe that forgery is an important part of the
spamming process.
The way I look at it the spammers are using the forgery to get round the
existing filter technology and blacklists. Deny them that tool and the
existing mechanisms become more effective.
it is a geschtalt thing.
What I find problematic is that there is an existing identity in email -
IP addresses. If blacklists are made to be more feature rich, possibly
becoming reputation services, that might help. So I am not sure why
going to domain identity or sender identity makes a difference. One
compelling argument made so far is that IP owners do not care if their
identity gets stolen, but domain owners and senders do. IF you raise the
cost for IP owners, they will start to care.
My second problem, is that there are multiple ways to introduce sender
identity into email. We should stop back for a second, and look at the
problem from a bird's eye view. If we were to be designed the email
system from scratch, how would sender identity be implemented? Would
spam still exist in such system?
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my
tongue." (MIT's 404 Message)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg