John R. Levine wrote:
These days most subscriptions are entered on a web page, and if you're
lucky the mailer will send a confirmation message with a URL that sends
the subscriber back to the web page. Where's the MTA going to get the
subscriber info?
See below
The challenges in designing a protocol that neither makes
unreasonable demands on users and MUAs nor is easily spoofed by hostile
mailers seem insurmountable to me. If you're planning to keep a
reputation database of mailers who send credible subscription
announcements, why not just whitelist their mail?
Does this include blacklisting the not credible?
Since as far as I know nobody does this, it's a resarch topic, so I've
directed replies to the ASRG. See you there.
Lets see if my MTA gets the non-subscriber info/notification with a
target that includes the address you directed replies to.
--
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html