What good would that do?  I can take your entire message, replace the
contents with spam, and send it along.  If we don't sign the contents, there
is no way to validate that *you* wrote them.  As the receiver, I would query
the sender domain to make sure that it has a legitimate sender, but then all
that we've done is (a) provided harvesters with a tool for verifying
addresses, and (b) told the receiver that the address exists, not that it
really sent the message.

this solution places the burden of individual authentication upon the mail server (domain). it only deals with ensuring that the message came from the server that is listed in the DNS records. if the request is time boxed it does this with reasonable confidence.


this is how it would work:

1. [EMAIL PROTECTED] sends a message using mail.lothlorien.net to [EMAIL PROTECTED]

as i pointed out in my first note mail.lothlorien.net MUST be the MX of record for theshire.net. this is a limitation of the solution, however just about any solution has the same limitation (unless someone has a *workable* plan for intergalactic certificate management.)

2. the receiving server at aoelf.com performs an MX lookup on the sender using DNS (ls theshire.net, type=MX) and it gets 'mail.lothlorien.net'.

3. the receiving server at aoelf.com sends the message-id from the note to 'mail.lothlorien.net' in a query (did you send this message-id to me?) using a proprietary SMTP query/response.

this can take on a number of attribute formats using To, From, timestamp, etc.

4. mail.lothlorien.net responds with
  * yes (i just sent a message to 'you' with the message-id given)
  * no (i did NOT send a message to 'you' with the message-id given)
  * error (what are you talking about?/unsupported)

there would be some level of timeout, minutes/hours/days that the sending server would maintain this information (including discarding any, once queried).

5. receiving server at aoelf.com acts accordingly (header tag, discard, spamfolder, etc.).

to impersonate someone you would have to build a message with a message-id that the sending server has not been queried on, with the appropriate domain information ('did you send this to ME?' means that the receiving server would supply the domain name it is hosting--derived from the envelope) and/or before the message-id table expires the entry.

perfect? no. highly unlikely that it will be spoofed? seems to me that it wouldn't be trivial, even by nazgul. does it provide a way for spammers to validate users? no. does it guarantee that it was glorfindel and not bilbo using his aoelf.com account? no. that is aoelf.com's issue. it only provides assurance that mail.lothlorien.net sent the note and that mail.lothlorien.net is the server that is responsible for sending notes for theshire.net.

i think that if you look at the sum of issues involving spam impersonation you will find that this would work quite well. user level certs would be nice, but the world is not ready for it. it isn't just mail, there are BILLIONS of dollars waiting to be spent on the certificate solution that lets users perform unambiguously authenticated transactions over the internet in a variety of forms. what's the hold up? complexity, cost, liability and the lack of a good CRL for starters.

You need to account for the fact that my e-mail address might be
[EMAIL PROTECTED], but I might be using mail.lothlorien.net for SMTP
service at the appropriate point on my journey.  You need to allow that,
while preventing the Nazgul at the Prancing Pony Cybercafe from using
[EMAIL PROTECTED] to tell Glorfindel that we're delayed, and to just
stay home for a few days.  Sure, spammers use bogus addresses, but more and
more they are just using someone else's address.  This past week, most of
the spam I saw (and a lot of bounce messages) had addresses I recognized.

addresses *you* recognized, but i suspect that they were not sent from the MX listed in the DNS records for the domain of the sender (and if queried they would concur).


b
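
Added example (not part of the original message): a minimal in-process Python model of steps 2 to 5 above, with the sending server's message-id table timed out and each entry discarded once queried. The class and function names, the sample addresses and the dict standing in for DNS are assumptions; the proprietary SMTP query is modelled as a plain method call.

```python
import time

# Constructed stand-in for DNS: sender domain -> MX host of record (step 2).
MX_RECORDS = {"theshire.net": "mail.lothlorien.net"}


class SendingServer:
    """Sender side: remembers (message-id, recipient domain) for a limited time."""

    def __init__(self, host, ttl_seconds=3600):
        self.host = host
        self.ttl = ttl_seconds
        self.sent = {}  # (message_id, recipient_domain) -> time sent

    def record_send(self, message_id, rcpt_domain, now=None):
        self.sent[(message_id, rcpt_domain)] = time.time() if now is None else now

    def query(self, message_id, asking_domain, now=None):
        """Step 4: answer 'did you send this message-id to me?' with yes or no."""
        now = time.time() if now is None else now
        # pop() discards the entry once queried, so a replayed id gets "no".
        sent_at = self.sent.pop((message_id, asking_domain), None)
        if sent_at is None or now - sent_at > self.ttl:
            return "no"
        return "yes"


def verify(envelope_from, envelope_to, message_id, servers, now=None):
    """Receiver side, steps 2-5. Returns 'accept', 'reject' or 'unverified'."""
    sender_domain = envelope_from.rsplit("@", 1)[-1].lower()
    my_domain = envelope_to.rsplit("@", 1)[-1].lower()  # derived from the envelope
    mx = MX_RECORDS.get(sender_domain)  # step 2: MX lookup
    server = servers.get(mx)            # step 3: contact the MX of record
    if server is None:
        return "unverified"             # the "error / unsupported" answer
    answer = server.query(message_id, my_domain, now)
    return "accept" if answer == "yes" else "reject"  # step 5


if __name__ == "__main__":
    mx = SendingServer("mail.lothlorien.net")
    servers = {mx.host: mx}
    # Constructed sample message and addresses.
    mx.record_send("<1@theshire.net>", "aoelf.com")
    for mid in ("<1@theshire.net>", "<1@theshire.net>", "<forged@theshire.net>"):
        print(mid, verify("sender@theshire.net", "rcpt@aoelf.com", mid, servers))
```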

