RE: [Asrg] How to defeat spam that uses encryption?

["Eric D. Williams" <eric@infobro.com>]

On Tuesday, April 01, 2003 8:31 AM, william@elan.net [SMTP:william@elan.net] 
wrote:
> There is nothing stopping spammers from generating new keys and certificates
> for their mail servers, so we can have servers exchange certs, but really
> not authentication there as far as who is who.
>
> Slightly better is if server must have a public certificate verifyable
> though DNS, then whatever name is at EHLO, it can be checked at DNS and
> then you know who it is. This does not stop spammers from adding their
> certs into dns either, but at least then we are requirying them to have
> valid dns record for mail server and they really do not like that idea...
> (but they can still just get new domain for $6 which is real cheap as far
> as preventing abuse and changing domains all the time - to stop some kind
> of ip block verification has to be done or DCC like system).

I think this is a primary requirement (authenticity of origination - in some 
form), do others feel that authenticity will add to the efficacy of any 
approach or a majority of approaches?

-e
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg