On Mon, 5 Jun 2006, Douglas Otis wrote:
This would the commit servers into accepting data without being provided any clue the sender knows who would be available to receive the information. A better system would seem to be a call- back mode for the data.
A new ESMTP extension DATA-CALLBACK.
The current DATA phase becomes a the header only portion of the message. A new header also provides a token used by the MUA to retrieve the rest of the data. The recipient could check the DKIM signatures before deciding whether the signing domain had a suitable reputation before even requesting the information. The bulk of the message would be held by the sender rather than by the intermediary for the recipient.
DKIM however can not be used for this - this is the signature that does not separate header from email body properly and forces the signature to be for entirely data segment rather then based on actual context part(s) and only allows to verify the signature once data has been retrieved.
If somebody is interested I have whole bunch of notes on all this - however considering what I've seen I do not see that internet community (and more specifically email industry) would be willing to implement all necessary extensions and I think new email protocol is better way to go to really fix SMTP rather then several additional patches which are hard to fit within current infrastructure.
-Doug
_______________________________________________ Asrg mailing list Asrg at ietf.org https://www1.ietf.org/mailman/listinfo/asrg