> > http://docs.yahoo.com/docs/pr/release1169.html > >At least they finally have the majors working on the same page. Now we >just get to wait and see if they stick to their guns. If so, it could be >a good step forward.
Authenticating senders based on IP addresses .... but what does that really mean in terms of specific policy? How many of these signatories actually reject for no PTR? Authenticating senders based on content signing. .... I can't see CS getting adopted widely soon, unless these ISP insist on it for their inbound mail, but if they don't, then CS is toothless. PKI is hardly a mass market technology. Block or Limit the use of Port 25 .... great idea, except NONE og the big networks access/"subscriber" providers, the biggest factories polluting our MX by allowing direct-to-MX:25 from the compromised networks, have signed up for ASTA. Detect compromised computers (zombies) .... same as previous point. So, imo, ASTA is good intentions only. If ASTA signatories don't implement the letter and spirit themselves, ASTA is still born. We'll see how they do in the coming months. They intend to be leaders but how long will the delay implementing ASTA themselves? Len