RE: [Asrg] RE: Asrg digest, Vol 1 #32 - 9 msgs

[Kee Hinckley <nazgul@somewhere.com>]

At 6:00 PM +0000 3/6/03, Tom Thomson wrote:
> No, it isn't the situation we have now.  It's closer to the situation we had
> a while back, but the spammers have got a lot cleverer since.  Injecting a
> few "Received-From:" headers at source, complete with IP addresses and
> domain name that corresponded to that IP at the time the message was
> delivered to that MTA, means that when the message is delivered there is no
I agree that signed Received headers would make life easier, but I 
think there are other signed things we could better focus on. 
However I have yet to see a set of injected Received: headers that 
could not be programmatically determined to be fake.  If you have any 
such messages (seriously), I'd like to see them.

> Received-From trail? That's what makes me favour blacklists once we have
> reliable authentication of point of origin, but only when we have that
> reliable authentication (and have a pile of complaints not dealt with).
As I think has been said on this list, and certainly elsewhere. 
Blacklists are worth what you pay for them.  And those that charge, 
get sued.

I also seriously worry about what would happen if some country 
decides not to uphold the standards we are proposing and gets 
blacklisted.  Does it become a diplomatic affair?
--
Kee Hinckley
http://www.puremessaging.com/        Junk-Free Email Filtering
http://commons.somewhere.com/buzz/   Writings on Technology and Society

I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg