Professional Software Engineering writes:
At 03:12 2001-12-12 +0000, John Conover wrote:
FYI, there are Procmail/Smartlist scripts available at:
http://www.johncon.com/john/Cmd/
which is a Certified Mail Delivery agent intended to reduce UCE/spam.
ObQ: _who_ certified it, and why would we trust their certification? Or do
you mean "Certified Mail" similar to the US Postal service Certified Mail
(which isn't even remotely similar to the process you're describing here
anyway).
The sender certified it as authentic, since (s)he sent it.
If a message's e-mail address is not in the "whitelist", the message
is archived, (via Smartlist scripts-like an archiving mailing list,)
and a e-mail sent back to the sender requesting a reply. If the sender
replies, (i.e., in doing so, certifies the message as authentic,)
Replies according to some special text, or just replies? What if the reply
comes in the form of a bounce (and we know how many variations there are on
those), complete with a copy of the sent message (and therefore, containing
the phrase that pays)?
How about "To certify that you sent this message, write 375 in the subject
of the reply", 375 being randomly generated.
Smartlist script forwards the original message on to the recipient,
and enters the e-mail address in the "whitelist" database.
Q: how well does this work for _mailing lists_ -- does it send the request
to the _sender_ (the mailing list, oh, thrill me), or to the _author_ (who
never addressed your recipient in the first place, and really shouldn't
have to "authenticate" themselves to you to avoid receiving those obnoxious
"reply or else" notifications)?
If mailing lists are in the "whitelist", any message from a mailing
list will be passed.
Although technically feasible, my tests show that it is annoying in
practice, and few senders reply to the certification request.
Which means the user of the script will be faces with a lot of trashbinned
mail they must manually dredge through to check out because the senders,
while at the same time annoying others through its existance.
No, it works OK. I didn't particularly like it, but TMDA claims that
their similar concept works very well for their clients.
FWIW, I find that trashing offenders at the SMTP level when I am subjected
to autoreplies gone amok is especially effective (my peeve is idiotic "I'm
out of the office for the next 24 months" messages on mailing lists). The
sendmail access db feature makes this trivially easy to do.
John
--
John Conover Tel. 408.370.2688 john(_at_)johncon(_dot_)com
631 Lamont Ct. Fax. 408.379.9602 http://www.johncon.com/
Campbell, CA 95008 Cel. 408.772.7733 SMS:
14087727733(_at_)pacbellpcs(_dot_)net
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail