Blacklisting: obvious P2P app
neal rauhauser
neal at lists.rauhauser.net
Wed Sep 24 18:21:23 UTC 2003
It has been mentioned in other places on the net (ok, yammerings on
slashdot, but this made a bit of sense) that blacklisting is a perfect
P2P application.
Each mailserver could keep a cryptographically verified list, the
list is distributed via some P2P mechanism, and DoS directed at the
'source' of the service only interrupts updates, and only does so until
the source slips an updated copy of the list to a few peers, and then
the update spreads. Spam is an economic activity and they won't DoS a
source if they know it won't help their situation.
I'm not an expert in DNS, email server configuration, or routing,
but it seems to me that the whole thing requires a distributed solution
to harden it against spammers, and that the logical place for this is
the SMTP daemon itself, possibly coupled with some global registry that
sells digital certs for a reasonable annual fee, much how domain names
are handled now (Verisign excluded, of course).
--
mailto:neal at lists.rauhauser.net
phone:402-301-9555
"After all that I've been through, you're the only one who matters,
you never left me in the dark here on my own" - Widespread Panic
More information about the NANOG
mailing list