Bengt Ruusunen writes: > > Hello, > > As everybody knows that recent viruses spread via sending > spoofed 'sender address'. > > fex. > > I am a person '[EMAIL PROTECTED]' and got so called 'return > mail' from '[EMAIL PROTECTED]' telling that mail > sent by me (which I never sent in a first place) cannot be delivered. > Obviously containg somekind malware as an attachment. >[...] > - E-mail receiving server could check that 'very first original' > From: line and if it is same than the receiver address ie. > '[EMAIL PROTECTED]' > > Perform an check to see if the 'sender identification' ie. > salted public key, GUID or something (X-Authenticated-Guid: > #0a845d299ca340087140) exists in mail header. > > Delivery should be done only if an 'sender identification' > exist and the key matches.
What about mail MUA/servers which silently drop your optional X-Authenticated-Guid: header? You would be trashing every mail from those clients. Now if you used this in tandem with a spam filter software like SpamAssassin, you could use it to re-weight the probability of the response.
smime.p7s
Description: S/MIME cryptographic signature
