IETF SMTP Working Group Proposal at smtpng.org

• Previous message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Next message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> A user/server certification system would be nice, as long as the
> certificate issuers held the right balance between ease of getting a
> cert and security in proving the identity of the cert holder.  That
> would take away the anonymous nature of SPAM, and make enforcement
> possible.  If an authority consistently fails to respond to
> complaints, you don't accept mail certified from them.  And a
> certificate train will get you mail from small folks (I trust ALGX's
> CA, ALGX trusts AOL's, therefore AOL will accept my mail until I screw
> up, and ALGX revokes my server cert and/or turns me in to the FBI, or
> fails to and AOL revokes their trust of ALGX.)

Well yes, it could be done with certificates, but it can also be done
via some type of "root server" system like DNS uses.  A database
distributed among many root servers from the registrars is proven.
Tracking valid servers seems much easier to track rather than
blacklisting IP's that are not mail servers at all or are abusive
servers.  IMHO I don't think it would be that horrible of an idea with
the right amount of notification and education to state something such
as "register your mail servers by this date or risk service
interruption".  Of course this period would be several months, if not a
year+ .  
 
> The only down side is the politics involved. 

Politics and legalities are 95% of the reason a lot of good ideas have
yet to materialize.

--
Robert Blayzor, BOFH
INOC, LLC
rblayzor at inoc.net

RAM DISK is not an installation procedure!

• Previous message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Next message (by thread): IETF SMTP Working Group Proposal at smtpng.org
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]