[170475] in North American Network Operators' Group
Re: IPv6 isn't SMTP
daemon@ATHENA.MIT.EDU (Clay Fiske)
Thu Mar 27 20:55:24 2014
From: Clay Fiske <clay@bloomcounty.org>
In-Reply-To: <53347920.4000302@ispn.net>
Date: Thu, 27 Mar 2014 17:54:46 -0700
To: Blake Hudson <blake@ispn.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mar 27, 2014, at 12:16 PM, Blake Hudson <blake@ispn.net> wrote:
> It's entirely likely that a spammer would try to get a hold of a key =
due to its value or that someone you've done business with would share =
keys with a "business" partner . But ideally you'd authorize each sender =
with a unique key (or some sort of pair/combination). So that 1) you can =
tell who the spammer sourced the key from and 2) you can revoke the =
compromised key's authorization to send you subsequent email messages.
>=20
> There's probably some way to generate authorization such that each =
sender gets a unique key or a generic base is in some way salted or =
combined with information from the individual you're giving your =
authorization to such that the result is both unique and identifiable.
(Not to single you out, but this is a good entry point.)
So somewhere between this and the =93every user should have their own =
MTA=94 idea, something would need to be done to close the end user =
usability gap.
- =93I just bought something from this boutique website, how do I (or my =
ISP) know how to let them email me my receipt?=94
- =93My friend gave his buddy my email address to send a resume for that =
job opening I have. How do I permit him to send me email?=94
- =93This .gov entity needs to email me about my (taxes|health care|car =
registration|=85), how do I give them permission?=94
- =93My long lost high school friend found my email address somewhere =
(and isn=92t using gmail, hotmail, yahoo, =85.), how do I keep her from =
getting blocked?=94
All of these end-user questions will have to be answered by any such =
technology which seeks to solve the spam problem using a manner such as =
you describe here. And if you=92re going to say the solution is =93in =
addition to my email address, in order to send me mail someone is going =
to have to know my (key|pass phrase|=85)=94 then anything which =
currently collects your email address is also going to need to collect =
=93that=94. Therefore how do you control =93that=94 from getting in the =
wrong hands in that list of emails someone is selling to spammers?
Am I misunderstanding what=92s being proposed here? To me the ubiquity =
of email is its own undoing =97 it=92s so convenient because you can =
email anybody, anywhere, from anywhere, but it=92s so spammable because =
you can email anybody, anywhere, from anywhere.
-c=
