[Gllug] Spammers

Jason Clifford jason at ukpost.com
Tue Sep 23 13:41:20 UTC 2003


On Tue, 23 Sep 2003, Tim Gray wrote:

> <CREATURE TYPE="CAT" LOCATION="AMONGST PIGEONS">
> Personally I'd like to see mandatory certificates for SMTP servers, at 
> least it would be more difficult to stop spammers using your email address.
> </CREATURE>

If such a system were in place all that would be needed to circumvent it 
would be for a certificate agency to either go rogue (think verisign right 
now!) or be bought out by a spammer or for a spammer to obtain a root or 
high level certificate.

Then because all the MTA's would trust the certificate implicitely all 
protection would be gone.

As it stands there is no reason to trust any server connecting to your box 
so you put in place such policies to limit the risk as you think 
reasonable.

This is not something I think can be mandated with any real success. It's 
the same arguement as per id cards.

Jason Clifford
-- 
UKFSN.ORG		Finance Free Software while you surf the 'net
http://www.ukfsn.org/		ADSL Broadband available now


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list