In terms of large mass mailing systems, we initially thought that scalability
would be a problem, but it has proven to really not be that difficult.
(Non-distributed, normal email systems run beautifully)
SMTP is already a very chatty protocol (EHLO, HELO, MAIL FROM, etc), and it is
already keeping most of the data within a non-queryable log format. We are
simply adding a level of data collection (outside of the non-queryable logs)
and a verification process extending the already adopted "MAIL FROM" test with
two more pieces of data for query (Not just the "FROM address", but also a
checksum and a time stamp).
We've already got Beta testers implementing the system over a distributed
fashion and have not seen any performance or system problems thus far. We are
also about to roll out a client side plugin for end-users to store origination
records within a central system which can then be queried by receiving servers
or individual client machines. It's really no different than submitting to and
querying an RBL which are already widely used.
Again in terms of large mass mailers, we do agree that infrastructure will have
to be in place to adaquately meet origination record capacity. However the
systems are already "online" sending and receiving email and can easily be
interfaced into a central data system. All in all, we see it as a better and
an easier implementation model than rewriting the SMTP protocol, DNS, or
rebranding old anti-spam tests as new methods of prevention.
bill
---------- Original Message ----------------------------------
From: George Schlossnagle <george(_at_)omniti(_dot_)com>
Date: Tue, 20 Apr 2004 17:42:22 -0400
On Apr 20, 2004, at 5:24 PM, Bill Mcinnis wrote:
Works perfectly.
For distributed mailing systems, the configuration settings can tell
mailing systems where to consolidate the outgoing "origination
records" for all outgoing email. When communicating back for
verification by a Receiving system, any point of connection (even if
not the physical outgoing system that sent the email) will be able to
query the central data repository for email validation. This data
repository can live within the email system itself or be outsourced to
a data management provider (e.g. MessageLevel.com).
This would seem to have serious scalability concerns for large
providers, as well as for anyone with a decentralized infrastructure.
George