Paul Russell wrote:
On 6/22/2009 17:12, Claudio Telmon wrote:
Well, this stream doubling is something many already do, keeping one
address for close friends and business partners, not disclosing it in
order to avoid spam and other messages. But again you're right, the
framework would need reach a critical mass in some time, or it would be
abandoned even by early adopters.
Back in the day when most spammers obtained addresses by harvesting them from
web pages, you could, for the most part, keep a mailbox spam-free by
disclosing
your email address only to those from whom you wanted to receive email. The
sun
set on that scene long ago. Spammers generate potential recipient addresses
based on common names and naming schemes, or harvest them from address books
and
private mail archives on compromised systems. Security by obscurity seldom
works for very long.
In this respect, the framework should be effective, since spammers would
also need to generate the consent token, which they can't. When
harvesting email addresses (and tokens) from compromised systems, the
framework provides a way to detect who was compromised and to invalidate
the token.
--
Claudio Telmon
claudio(_at_)telmon(_dot_)org
http://www.telmon.org
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg