I've quickly looked at the latest source, but can't see it ...... does JAMES have a configurable mechanism for checking domain names of senders. Not perfect, but a form of SPAM defence. If the domain names were fake, then JAMES could simply delete the email as it comes in, and never forward to the account holder.
A related idea -> SMTP and it's relaying nature is decades old and part of the problem. If a new standard emerged whereby incoming email was checked back with the alleged sending server and similarly binned if not actually send my that server, then SPAM could again be diminished. Say the end-point recipient mail server made a digest of the message and asked "did you send this" to the originating mail server, then it could work. This could be an optional extension to the sprawling mass of mail standards. Granted not all servers would conform to the standard at the outset, but in time more and more would include the appropriate headers. An early adopter (like myself) could configure their account to (at a particular moment in time of their choosing) no longer accept such un-authenticated email. This the world of email could undergo a gradual transition from chaos to authenticated. i.e - Did you send this? - Yes, it's fine. - No, it was faked elsewhere. - Yes, but it is not, in retrospect, authentic. - Yes, but it has possibly suspect contents (Virus etc.). - Yes, but the account is now disabled for some reason or other (e.g. breach of AUP). I'm thinking that these are genuine API requests, rather than API calls packaged as formatted emails: [EMAIL PROTECTED] Body="Hi, I'm the email server JAMES running at xxxxx.com. Did you send and email to me :...." Perhaps I am thinking that some of you folks could take this idea (if not mulled over already) and push towards a IETF RFC. Hell, go XML at the same time! Regards, - Paul H --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
