North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMTP authentication for broadband providers

  • From: Rob Pickering
  • Date: Fri Feb 13 11:01:26 2004

--On 13 February 2004 09:27 -0500 [email protected] wrote:
Yeeee-Haw!  A return to the Old West of bangbaths and pathalias.

No thanks.
That's absolutely the issue with emerging resignation to "e-mail peering" and the like being the only solution to the spam problem.

Folks who've been around long enough to remember UUCP maps or ADMD=/PRMD= know how huge the cost and support overhead of unreliability per e-mail sent is relative to SMTP delivery.

Before we drop into that particular trap I'd like to think that one more attempt could be made at using PKI to do MTA identification.

Maybe I'm a dreamer, but a world in which I only accept mail from MTA's that present a certificate from a CA I trust seems way better than one where I need an offline contract with a necessarily few people, and the world has to work out how to reach me through them.

This won't stop spam at all levels, but neither will e-mail peering as it will still be possible to inject SPAM into a provider's network and therefore get it transited through their peering links. It's much easier to kill a black-hat or just careless MTA by locally blacklisting an individual public key, CN=, O=, or even C= if I'm minded to.