I find this *really* annoying
aluminumsulfate at earthlink.net
aluminumsulfate at earthlink.net
Thu Apr 7 23:34:00 EDT 2005
From: Derek Martin <invalid at pizzashack.org>
Date: Thu, 7 Apr 2005 22:53:46 -0400
>
> I'm afraid signing SMTP won't help the spam problem.
Sure it will, if implemented well.
<snip>
Reject if:
1) the message is not signed with the domain's published key
2) the signature matches, but the domain is a known spammer
3) there is no published key
Otherwise accept.
How do you propose a message would get "signed with the domain's
published key"? By going through the domain's outgoing mail server?
Relaying through your ISP already works... a scheme like that would
essentially just replace IP addresses with cryptosigs. Sure, this
will provide you with some connection-level security (it will make
spoofing harder). The problem of being forced through "official"
relays still remains.
If you hand out the private key to everyone on the domain, what's
to stop them from passing the key to an "evil" :) domain? I don't
see how this could really work....
Dave
More information about the gnhlug-discuss
mailing list