From: lucio@proxima.alt.za
To: 9fans@cse.psu.edu
Subject: Re: [9fans] re: spam filtering fs
Date: Wed, 3 Sep 2003 11:13:59 +0200 [thread overview]
Message-ID: <66da6c9b445553becc9e3195ef487bb0@proxima.alt.za> (raw)
On Wed, Sep 03, 2003 at 10:24:54AM +0200, Fco.J.Ballesteros wrote:
>
> > not frightened off getting a certificate. And some form of recourse
> > in the event of someone stealing the e-mail address, and that's the
> > hard part, sadly.
>
> Not just the sad, but also the common part. Most of the spam I get
> seems to use addresses from someone else.
>
> I'm afraid that certifying the from address would not work.
> I hope bayes is right.
This is the scenario I think would work:
My mail exchanger accepts mail that is "certified" and for which it
has the certificate public key. Certified mail contains either a
signature in the body as with PGP or a header of some description,
encrypted with the sender's private key so it can be decrypted and
validated. A preferable form of encryption would be at the SMTP
protocol level, but this is a different model.
The message may convey the public key in the headers as suggested by
the Privacy Enhanced Mail (PEM) RFCs, but then there has to be a CA in
the certificate hierarchy that validates the trust.
If trust cannot be validated, I suggest that a group of public
certificate servers, probably including the existing PGP public key
servers, should be queried for the certificate/public key. If the
certification cannot be established in this fashion, then the
difficult procedure comes into action.
Here we expect the exchanger to submit a request to a preferred public
certificate server that causes the sender to be polled. If the sender
replies with a valid certificate (or public key), it is stored in the
public server and forwarded to the exchanger, if not, then within some
time limit the exchanger is notified.
I hope I didn't abbreviate the above beyond usefulness, I'll be happy
to expand if I haven't been clear in any way. And I will of course be
interested in flaws as well as improvements.
++L
PS: At the SMTP level, I would suggest an exchange between servers
that has contractual value. In other words, the sending exchanger
ought to accept legal liability for mail it insists in forwarding.
Legislation to this effect would have to be enacted, naturally.
next reply other threads:[~2003-09-03 9:13 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-09-03 9:13 lucio [this message]
2003-09-03 10:09 ` Lyndon Nerenberg
2003-09-03 12:25 ` boyd, rounin
2003-09-04 4:57 ` Lucio De Re
2003-09-05 1:43 ` boyd, rounin
2003-09-05 1:52 ` David Presotto
2003-09-05 2:17 ` boyd, rounin
-- strict thread matches above, loose matches on Subject: below --
2003-09-01 20:31 matt
[not found] <1270037699@snellwilcox.com>
2003-09-01 15:45 ` steve.simon
2003-09-02 1:43 ` ron minnich
2003-09-02 1:53 ` boyd, rounin
2003-09-02 1:58 ` ron minnich
2003-09-02 2:04 ` Skip Tavakkolian
2003-09-02 2:15 ` boyd, rounin
2003-09-02 2:12 ` boyd, rounin
2003-09-02 2:00 ` boyd, rounin
2003-09-02 13:56 ` Eric Grosse
2003-09-02 16:08 ` Dan Cross
2003-09-02 21:28 ` boyd, rounin
2003-09-02 22:16 ` david presotto
2003-09-02 22:36 ` ron minnich
2003-09-03 0:59 ` Dan Cross
2003-09-03 1:50 ` Geoff Collyer
2003-09-03 3:35 ` Micah Stetson
2003-09-03 12:43 ` boyd, rounin
2003-09-03 12:41 ` boyd, rounin
2003-09-03 5:48 ` david presotto
2003-09-07 1:56 ` Dan Cross
2003-09-07 4:04 ` ron minnich
2003-09-07 5:34 ` Dan Cross
2003-09-07 8:51 ` boyd, rounin
2003-09-07 19:34 ` ron minnich
2003-09-07 12:35 ` David Presotto
2003-09-07 19:05 ` Dan Cross
2003-09-07 20:15 ` boyd, rounin
2003-09-08 2:22 ` Geoff Collyer
2003-09-08 5:21 ` Lucio De Re
2003-09-08 9:45 ` boyd, rounin
2003-09-03 12:37 ` boyd, rounin
2003-09-03 14:09 ` matt
2003-09-03 13:42 ` Russ Cox
2003-09-03 16:21 ` Dan Cross
2003-09-03 7:38 ` Fco.J.Ballesteros
2003-09-03 7:59 ` Lucio De Re
2003-09-03 8:24 ` Fco.J.Ballesteros
2003-09-03 12:03 ` boyd, rounin
2003-09-03 19:54 ` David Presotto
2003-09-03 21:26 ` boyd, rounin
2003-09-04 5:42 ` Lucio De Re
2003-09-04 6:15 ` George Michaelson
2003-09-04 6:10 ` Lucio De Re
2003-09-04 6:31 ` George Michaelson
2003-09-04 14:07 ` ron minnich
2003-09-03 14:27 ` ron minnich
2003-09-02 15:57 ` Dan Cross
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=66da6c9b445553becc9e3195ef487bb0@proxima.alt.za \
--to=lucio@proxima.alt.za \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).