On Thu, Apr 07, 2005 at 10:53:46PM -0400, Derek Martin wrote:
The point is that you can block known spammers based on their domain,
without needlessly penalizing the innocent.
Reject if:
1) the message is not signed with the domain's published key
2) the signature matches, but the domain is a known spammer
3) there is no published key
Otherwise accept.
It would work like current RBLs work, except that you have pretty
solid proof that the sender is or isn't coming from where they say
they are. It adds documentable accountability.
Isn't this scheme somewhat similar to SPF or DomainKeys? At least to
the degree that it attempts to validate the domain of the sender?
How would this work with all the compromised Windows machines out there?
Couldn't a spammer use such a network of compromised machines to send
out emails through Outlook, etc.? (This appears to be a problem with
most anti-spam approaches)
-- Bob
_______________________________________________
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
