-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 20-feb-04, at 2:15, Vernon Schryver wrote:
That sounds like the old "authentication solves spam" hope. It was
wrong before SMTP-AUTH and it is still wrong.
Guess what, it is impossible to "solve" spam the same way it is
impossible to "solve" burglary. At least with authentication you get to
have whitelists that work. If you get a message with my email address
in the "from" line it could be from anyone. If it is signed with my PGP
key you know it came from me personally or someone went through a LOT
of trouble to get access to my private key and the key phrase.
The usefulness of authentication could be further extended by building
a web of trust where people vouch for the fact that others aren't
spammers. Obviously spammers will slip through from time to time, but
anyone who spams or keeps vouching for spammers will be removed from
the web of trust. But even if this part doesn't work authentication is
still useful.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFANdJTN+eEORsfxOYRAkk1AKCuNlZC3Te7VsC7UTiVcHu9CTGrBgCdFjAJ
5v4Y06Kl7UosCH6d9OJpvII=
=eFuO
-----END PGP SIGNATURE-----