I find this *really* annoying
Bob Bell
bbell at macroped.com
Fri Apr 8 15:19:01 EDT 2005
On Thu, Apr 07, 2005 at 10:53:46PM -0400, Derek Martin wrote:
> The point is that you can block known spammers based on their domain,
> without needlessly penalizing the innocent.
>
> Reject if:
>
> 1) the message is not signed with the domain's published key
> 2) the signature matches, but the domain is a known spammer
> 3) there is no published key
>
> Otherwise accept.
>
> It would work like current RBLs work, except that you have pretty
> solid proof that the sender is or isn't coming from where they say
> they are. It adds documentable accountability.
Isn't this scheme somewhat similar to SPF or DomainKeys? At least to
the degree that it attempts to validate the domain of the sender?
How would this work with all the compromised Windows machines out there?
Couldn't a spammer use such a network of compromised machines to send
out emails through Outlook, etc.? (This appears to be a problem with
most anti-spam approaches)
-- Bob
More information about the gnhlug-discuss
mailing list