David MacQuigg <dmq(_at_)gain(_dot_)com> wrote:
See my "Spam Scenarios" at
http://www.ece.arizona.edu/~edatools/etc/
David introduces an interesting idea there: interspersing "Authenticated:"
headers among the "Received:" headers:
]
] Received: ( **SaniMail 47655 invoked from network** ); 28 Feb 2005
] 15:35:36 -0000
] Authenticated: 208.210.124.73 pobox.com SenderID PASS
] Received: from unknown (HELO gold.pobox.com) (208.210.124.73)
] by mail5.mailsystem.us with SMTP; 28 Feb 2005 15:35:36 -0000
I think it would work better as
"
" Authentication: <method> (<parameters>) = <result>
but it's the _idea_ that I find interesting, not the syntax.
If there were a header prepended at the time Authentication is done,
it would make it possible to use its result as input to (possibly
heuristic) filtering executed later; and _might_ open the door to a
future in which a limited trust could be given to Received: lines after
the first.
What do other folks think?
--
John Leslie <john(_at_)jlc(_dot_)net>