spam being sent using my domain

Von Fugal fuglv at cs.byu.edu
Thu Jan 25 20:09:37 MST 2007


Signing and sending the previous message reminded me. I think a real
swell answer to the spam problem could involve some kind of
public/private key signature dealy-o. Something like a per domain key.
I.E. gmail would sign a portion of the email header with it's private
key and anyone with the corresponding public key (any smart smtp server)
would know it was validly from whoever at gmail.com. This has the added
benefit of placing the responsibility of keeping you domain spam-tight
sqaurely on the domain itself. Don't want your key blacklisted? Don't
let spammers spam. The only caveat is just that, black lists or revoked
keys, the bane of public/private cryptography. But on the upside, I
imagine it could fit very nicely into standard smtp, no newfangled
protocol for everyone to adopt. The major domains could all get on very
quickly. And any joe domainer who cared could also get on the boat.
Eventually the slow ones can be phased out. (Start rejecting outright
any unsigned mails.) Until then an unsigned message can simply be
weighted toward spamity, or a signed message weighted away from spamity,
or both.
I'm sure there's people bright enough out there to make this work. If
not you'll just have to wait for me to graduate. (Don't hold your breath
:/)

Von Fugal
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
Url : http://plug.org/pipermail/plug/attachments/20070125/c2bb5703/attachment.bin 


More information about the PLUG mailing list