[Asrg] forwarding (was Re: actual possible improvements, was Email Postage)
J.D. Falk
jdfalk at returnpath.net
Wed Nov 19 12:29:32 PST 2008
On 19/11/2008 02:10, "Alessandro Vesely" <vesely at tana.it> wrote:
> J.D. Falk wrote:
>> For example, I suspect everyone here is familiar with the forwarding
>> problem: forwarders or mailing lists may inadvertently forward spam, and ISP
>> reputation systems assume the forwarding IP is a spammer. But if the
>> forwarder signed the message, and the ISP could do a VBR (or similar) check
>> to confirm that the forwarder really is a member of the "forwarder" class
>> (as determined by some sufficiently trustworthy external process), then the
>> ISP may choose to apply a different reputation algorithm.
>
> How would you compare such signing solution to an actual login? A
> forwarder may get a password for authenticating at your server going
> through an automated or semi-automated process much similar to the one
> implied to enroll in the forwarder class (or to signing up for
> feedback loops, for that matter.) SMTP AUTH can handle all SMTP cases,
> e.g. multiple recipients. This would enable working "live", thus
> encompassing, say, DNSBL and SPF, that would otherwise require their
> own arrangements.
The SMTP AUTH idea is an interesting idea, but seems to me as if it'd
require much more effort on the part of the receiving/authorizing entity.
I really do like the idea, though, and I think it'd be an interesting
research project for the ASRG to tackle.
(I'm not volunteering to manage it, though.)
More information about the Asrg
mailing list