[Asrg] actual possible improvements, was Email Postage

[Alessandro Vesely]

J.D. Falk wrote:
> For example, I suspect everyone here is familiar with the forwarding
> problem: forwarders or mailing lists may inadvertently forward spam, and ISP
> reputation systems assume the forwarding IP is a spammer.  But if the
> forwarder signed the message, and the ISP could do a VBR (or similar) check
> to confirm that the forwarder really is a member of the "forwarder" class
> (as determined by some sufficiently trustworthy external process), then the
> ISP may choose to apply a different reputation algorithm.

How would you compare such signing solution to an actual login? A 
forwarder may get a password for authenticating at your server going 
through an automated or semi-automated process much similar to the one 
implied to enroll in the forwarder class (or to signing up for 
feedback loops, for that matter.) SMTP AUTH can handle all SMTP cases, 
e.g. multiple recipients. This would enable working "live", thus 
encompassing, say, DNSBL and SPF, that would otherwise require their 
own arrangements.