Re: Benefits/costs of authorizing different identities


I do not completely follow.

Are you suggesting that the EHLO/HELO be validated in addition
to the sender? Or as an alternate?

I am not sure that would be manageable. One of my customers is an
ISP that hosts over 2,000 domains per MTA. The ISP does NOT track
all of the users for each of those 2,000 domains. Their customers are
free to create or delete accounts at any time. Which is why I favor
something like S/MIME - make the sender responsible.

What good is it to know that the HELO did in fact come from one
system that can host thousands of domains? How does that help
control spam? I agree it would help when tracking down the source of spam.

Dave Crocker wrote:

Folks,

It appears that there is good focus on the SMTP-level identities, so
I'll leave out discussion of the message-level identities.
...


--

Doug Royer                     |   http://INET-Consulting.com
-------------------------------|-----------------------------
Doug(_at_)Royer(_dot_)com                 | Office: (208)520-4044
http://Royer.com/People/Doug   | Fax:    (866)594-8574
                              | Cell:   (208)520-4044

             We Do Standards - You Need Standards

smime.p7s
Description: S/MIME Cryptographic Signature

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: Benefits/costs of authorizing different identities, Jon Kyme

Next by Date:

Re: Benefits/costs of authorizing different identities, Pete Resnick

Previous by Thread:

Re: Benefits/costs of authorizing different identities, Dave Crocker

Next by Thread:

Re: Benefits/costs of authorizing different identities, Dave Crocker

Indexes:

[Date] [Thread] [Top] [All Lists]