At 10:07 PM -0700 2003/09/28, Claus Assmann wrote:
I'm thinking that we might be able to do something like USENET PGP-signed message cancels, or even No-C-Em's. Just add to your PGP keyring the keys you choose to trust, and then listen to the appropriate port. Better yet, use an outbound connection from your server to a robust P2P network like freenet, and therefore use a relatively randomly assigned port.Question: what do you gain by requiring a cert? Whom do you trust to be a CA? BTW: the hierarchical structure of X.509 certs is fine for companies, but not for others, where a "web of trust" would be more appropriate.
Regretfully, we've seen that DNS BLs can be taken off the 'net. I'm afraid that this tool is going to rapidly become unusable, or at least considerably less useful, as the spammers get more and more aggressive about DDoS'ing anyone out of existence that stands in their way.It would be nice if someone categorizes the ways how spam reaches the recipients (open relay, proxy, trojaned PCs, directly from spammers, etc), and the explain how you can defeat those (DNS BLs for the first two at least, rMX/designated sender can help in some cases, etc).