North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
RE: IETF SMTP Working Group Proposal at smtpng.org
- From: Robert Blayzor
- Date: Wed Aug 21 11:52:22 2002
> A user/server certification system would be nice, as long as the
> certificate issuers held the right balance between ease of getting a
> cert and security in proving the identity of the cert holder. That
> would take away the anonymous nature of SPAM, and make enforcement
> possible. If an authority consistently fails to respond to
> complaints, you don't accept mail certified from them. And a
> certificate train will get you mail from small folks (I trust ALGX's
> CA, ALGX trusts AOL's, therefore AOL will accept my mail until I screw
> up, and ALGX revokes my server cert and/or turns me in to the FBI, or
> fails to and AOL revokes their trust of ALGX.)
Well yes, it could be done with certificates, but it can also be done
via some type of "root server" system like DNS uses. A database
distributed among many root servers from the registrars is proven.
Tracking valid servers seems much easier to track rather than
blacklisting IP's that are not mail servers at all or are abusive
servers. IMHO I don't think it would be that horrible of an idea with
the right amount of notification and education to state something such
as "register your mail servers by this date or risk service
interruption". Of course this period would be several months, if not a
> The only down side is the politics involved.
Politics and legalities are 95% of the reason a lot of good ideas have
yet to materialize.
Robert Blayzor, BOFH
RAM DISK is not an installation procedure!