[email protected] wrote: <<..>> > IMHO, a sender-authentication system that runs over SMTP and allows at > least *some* mail to be highly-verifiable as known-good - and that was > easy to adopt at the user level - could spread like wild fire and drive > adoption and refinement thereby reducing the value of spam to near-zero. > (fwiw I think this would require some amount of strong auth to work at > all)
Ummmm -- given the huge number of compromised client machines out there, and the multiplier of each such machine giving up N email account details (ISP, work or school, free webmail, one for most IM services the user is registered with, etc, etc) per legit user of the machine (2, 3, 4, 5, ??? per PC for a typical "home computer"), you see being able to "strongly authenticate" some, even any Emails from that system as BOTH possible and sufficiently user friendly that it might actually be used by more than a tiny fraction of the really most nerdy of IT techie types (who have other easier/more ingrained methods at their own disposal now)? Really? What _are_ you smoking? Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
