On Oct 4, 2004, at 2:36 AM, James Couzens wrote:
On Sun, 2004-10-03 at 23:25, Roger Moser wrote:
then a receiver could download the SES pubkey and verify
localparts without the callback.
Doesn't this use quite some CPU resources which the receiver has to
pay?
Better would be if the sender (spammer) had to do the heavy
calculations.
Yes! And this is why Domain Keys is a bad idea.
Regression analysis shows that implementing DomainKeys at even the
largest ISPs will require little additional equipment. For the common
case (under one million messages/day) DomainKeys doesn't even show up
on the profiling chart. DomainKeys costs almost nothing compared to
Virus scanning and many content-based spam filtering mechanisms like
Bayesian analysis. It is also cheaper than TLS enhanced SMTP sessions
which most responsible parties prefer anyway (usually pretty unfounded,
but they still like it). I am not implying that DomainKeys replaces
any of these, but that compared to the technologies deployed along side
it, it is pretty cheap.
We were very hesitant at first. Our implementation opened our eyes.
Lightning fast and computationally nonintrusive.
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// OmniTI Computer Consulting, Inc. -- http://www.omniti.com/
// Ecelerity: fastest MTA on Earth