Mike Holling writes:
> Exactly. The implicit assumption being promoted here is that an ISP's
> mail server is somehow more "legitimate" than an arbitrary mailserver on
> the Internet. As Russ has just demonstrated, there is quite a bit of
> legitimate mail transacted on non-ISP servers.
Why should I trust J. Random SMTP client to be non-abusive? You're
trying to convince me that I should trust *all* SMTP clients equally.
You're going to fail at that, because some have PROVEN themselves not
worth of trust. I have the evidence of my own eyes -- the spam in my
mailbox.
How does one develop trust? Through credentials -- a chunk of
information that says that you are who you say you are. How do the
credentials become believable? Because of the reputation of the
issuing institution.
Machines with static IP addresses have a credential -- the
correspondance between name and number. Muncher.math.uic.edu has
proven itself trustworthy. How do I know it is muncher? By it's IP
address, and by the reverse DNS record that identifies it as muncher.
Could someone forge muncher's identity? Yes, by DNS spoofing. That
is too much work for spammers, however.
Unfortunately for the legitimate users, dialup users have proven
themselves untrustworthy, because they are at the moment of connection
anonymous. How can they generate the necessary trust? Well, for one,
by having a DNS record which identifies them as trustworthy. Their
ISP can issue them a address from a pool which is trusted, once they
have proven their trust. Or vice-versa, a new or trial user would be
given an address in a pool which is not trusted.
Another way they could be trusted is by going through a proxy. This
proxy runs on a host with a credential, and allows access only to
trusted SMTP clients.
I'm sure that there are other methods for developing trust. One thing
is for sure: you can't trust random SMTP clients. This is not your
father's ARPANet, where all hosts were by definition trusted.
--
-russ nelson <[EMAIL PROTECTED]> http://crynwr.com/~nelson
Crynwr supports Open Source(tm) Software| PGPok | There is good evidence
521 Pleasant Valley Rd. | +1 315 268 1925 voice | that freedom is the
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | cause of world peace.
