Re: IETF SMTP Working Group Proposal at smtpng.org

[Dave Israel <davei () algx net>]

On 8/21/2002 at 10:53:19 -0400, Ron da Silva said:
> On Wed, Aug 21, 2002 at 10:00:02AM -0400, sjj () pobox com wrote:
> > > what are the more basic problems you're trying to fix?
> >    
> >  I'd like to be able to publish DNS records announcing my domain's *outbound*
> > mail servers, with nice abbreviated forms to say "they're the same as my
> > inbound (MX) records" or "any IP in x.y.z/24".  Then cooperative ISPs (like say
> > America Online) could refuse any email from my domain that originated from some
> > random cable modem, instead of accepting it and then flooding me with 20000
> > bounce messages.
>
> What about this email from you which came to me from Merit and not your
> mail server?  Would break mailing lists and listserves unless the from
> field is overwritten.

A user/server certification system would be nice, as long as the
certificate issuers held the right balance between ease of getting a
cert and security in proving the identity of the cert holder.  That
would take away the anonymous nature of SPAM, and make enforcement
possible.  If an authority consistently fails to respond to
complaints, you don't accept mail certified from them.  And a
certificate train will get you mail from small folks (I trust ALGX's
CA, ALGX trusts AOL's, therefore AOL will accept my mail until I screw
up, and ALGX revokes my server cert and/or turns me in to the FBI, or
fails to and AOL revokes their trust of ALGX.)

The only down side is the politics involved. 

-Dave