That's RFC 7929. It's still a bad idea.
Thank you for making me aware of another attempt that has not worked. Trying
something different here. I agree with you that RFC 7929 is a bad idea.
would you elaborate your reasons to consider it a bad idea?
There's the concrete problem that it case folds the addresses which RFC
5321 forbids, but there's the general problem that the DNS wasn't designed
for large flat zones. The largest zone is probably .COM which has 150
million names, but Gmail and Yahoo each have more than an order of
magnitude more than that. If you want to distribute a billion keys, use
HTTPS or LDAP which scale a lot better.
* sender self-declares the nature of the message and certifies with digital
signature
* recipients express policy for what purpose they accept email and for what
not. extra bonus, they also get to require encryption. all optional.
* headers and URLs to enable human recipients to complain that received
message was misrepresented (actual nature of message different than declared
nature)
* the signals from the human recipients are systematically collected by their
mailbox-providers and passed on to the sender's ESP, both for policing of the
sender; which may include technical penalties; economical penalties; or in
extreme cases exclusion from sending privileges.
I've seen this before. See Goodmail and Bonded Sender for the economic
penalties. I can look for some others when I'm not about to get on a
plane.
The basic problem is that the cost of switching domains is zero, so
spammers will hop from domain to domain, which turns this into the
introduction problem, you have to decide whether to accept mail from
people you've never heard from before. Experience has told us that the
introduction problem is as intractable as the spam problem, so turning one
into the other is not an improvement.
There is also the practical problem that in a world with free mail
services, spammers sign up for Gmail and Hotmail and Yahoo accounts and
cycle through them. The big mail services try to prevent malicious
signups but they all have vast numbers of legit users so you can't block
them. At this point most of the spam that makes it into my inbox is from
Gmail and Microsoft,
The spam problem is really hard, and I would be surprised if there were an
interesting approach which hasn't been tried before.
R's,
John
_______________________________________________
mailop mailing list
[email protected]
https://list.mailop.org/listinfo/mailop
