Doug Otis and I have been working up a proposal for a SMTP extension
to shift some of the burden of spam abatement away from the receiving
SMTP servers towards the originator. It is now published at:
http://datatracker.ietf.org/drafts/draft-otis-smtp-tbr-ext
In essence it holds the originator responsible for maintaining the
copy of the message until a receiving Mail User Agent determines that
it should be delivered to the recipient.
This quite specifically allows reputation-checking to proceed at
leisure, not subject to time constraints (except for recipients who
demand sub-millisecond delivery of every spam message ;^)
It also gives us a "for-free" version of graylisting, in that no
further network traffic is needed to enforce a time delay before a
message is accepted from an unknown originator.
As part of the proposal, we add conditions that ensure a workable
return path for Delivery Status Notifications, requiring that the
same domain which manages the server from which the message will be
fetched also publishes a MX record to receive the DSNs.
Obviously, comments are welcome...
--
John Leslie <john(_at_)jlc(_dot_)net>