Hello Gustavo,

Wednesday, February 4, 2004 you wrote:
GG> If we can't validate a sender, anyone can setup a mail server and send em=
GG> ail=20
GG> with a false identity (like virus does).
GG> Have you a idea to solve this ?

    You work with what you have and SMTP has limitations.

    You can authenticate your own users of course. But assuming it is
    not your user then practically a few IP tests and some spam and
    virus filtering is about as good as you can do right now. The only
    thing really you can do before accepting the message is to test
    the IP in various ways. Everything else requires the message data.
    
    Validating an e-mail address format is exceedingly difficult if
    not actually impossible. Even sending a message to the address
    means next to nothing even if a reply occurs. Assuming you could
    determine if a sender were valid then the question of whether the
    sender is legitimate - whatever that means - is much more complex.

    It is exactly like postal mail.  Anyone can place any return address
    on an envelope.  The return address may or may not be valid and
    the person who places it there may or may not be "legal" -
    whatever that means.
    
    Likewise the letter inside the envelope may be addressed to
    someone entirely different than the address on the envelope and
    may have an entirely different return address.  And none of them
    have to be valid or "legal."

    Long term the solution is pretty obvious really. Eventually every
    individual will have to have a unique identifier.  It is not
    really so difficult technically and eventually the society will
    not only permit it but demand it.  Actually the unique identifier
    already exists - just need a handy way to read it.  Once acquired
    it could be verified and passed or rejected at any point along the
    path.  Probably a few years off.
    

    
Terry Fritts

-
To unsubscribe from this list: send the line "unsubscribe xmail" in
the body of a message to [EMAIL PROTECTED]
For general help: send the line "help" in the body of a message to
[EMAIL PROTECTED]

Reply via email to