on 5/31/2003 10:42 PM Valdis.Kletnieks@vt.edu wrote: > We're starting to see the rise of zombie networks of trojaned machines > to send spam, similar to the DDoS networks. Which makes Paul Vixie's > comments even more important: http://www.pcworld.com/news/article/0,aid,110918,00.asp talks about this from another perspective. If worms are going to be sending out stuff on behalf of the user (whether that be copies of itself, or spam as in this case), then no amount of identity information will be able to prevent it. I mean, even with all of the proposals put forth here, it would still be impossible to filter worms without disabling all file attachments everywhere, since some users are always going to open attachments, or are going to run bad clients. However, having verified identity information (the sender, the host, the domain) *will* assist in enforcement against worms: "we know your user is infected, here's the proof." -- Eric A. Hall http://www.ehsco.com/ Internet Core Protocols http://www.oreilly.com/catalog/coreprot/