North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: How do you stop outgoing spam?
On Tue, 10 Sep 2002 [email protected] wrote: > We don't even have to throw out SMTP - there's STARTTLS, AUTH, PGP, and > so on. The problem is that we don't know how to do a PKI that will > scale (note that the current SSL certificate scheme isn't sufficient, as > it usually does a really poor job of handling CRLs - and the *lack* of > ability to distribute a CRL (which is essentially a blacklist) is the crux > of the problem. So let everyone have their own. If you want to send me email, create a certificate for yourself. Then before you can actually tranfser messages, your system asks permission to do so, my system sends back a challenge to yours so I'm sure you haven't faked your reply address and your certificate is whitelisted. If you spam me, I can blacklist your certificate, your email address or your domain. If I handle mail for many users, I can apply some heuristics: new certificates/domains only get to send a small number of messages per hour initially or something similar. > It's not as easy as it looks. Granted, but it's also not so hard we can't improve on a 20 year old protocol. As (nearly) always, the problem is backward compatibility. That makes it next to impossible to get something useful off the ground.
|