[Asrg] Re: A new (?) wrinkle on the spamming problem

[wayne <wayne at schlitt.net>]

In <B0000001812 at nts1.terabites.com> gep2 at terabites.com writes:

> This is INDEED a matter of concern... when disreputable folks start signing 
> _our_ names to E-mails to politicians and others (who knows, letters to the 
> editors, and so forth) in hopes of making it look like WE support THEIR 
> causes...!!!!

As Peter mentioned, this is not really new.  This is the kind of thing
that SPF is designed to help with.  Domain owners can choose to
publish SPF records saying how they wish their domain names to be used
and email receivers can choose to listen to what the domain owners
say.

See http://www.openspf.org/


It is not clear to me if DKIM (the merged DomainKeys and IIM system)
will allow you to repudiate this kind of abuse of your domain name.
Instead it looks like they may be able to just give positive
assertions that the email did come from who it says it is  It may not
be able to say that the email didn't come from who it says it is. 
Similarly, things like S/MIME and PGP give much strong positive
assertions than SPF and DKIM, but you can't tell if an unsigned email
is valid or not.


-wayne


_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg