On 9/17/07, SM <sm(_at_)resistor(_dot_)net> wrote:
At 11:12 17-09-2007, Chris Lewis wrote:
Freudian slip? ;-)
No. :-) I was merely pointing out why every new measure introduced
gets circumvented.
I can't help thinking that spammers will have a field day spamming
themselves with forged, say, @hotmail.com, doing the captchas to
"approve" bogus IPs, and then firehosing the world with what would
now verify. The Nigerian 419 hordes would have fun.
Or they could push more authenticated mail through as they already
control the user's computer.
But if they did try to push more "authenticated" mail it becomes the
ISP or companies issue because SPF authenticates the domain, not the
user. In fact, the port 25 approach does have certain advantages in
terms of reputation and accountability. If this were to play out I
think we would see more "walled gardens"
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg