-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 20-feb-04, at 2:15, Vernon Schryver wrote:
That sounds like the old "authentication solves spam" hope. It was wrong before SMTP-AUTH and it is still wrong.
Guess what, it is impossible to "solve" spam the same way it is impossible to "solve" burglary. At least with authentication you get to have whitelists that work. If you get a message with my email address in the "from" line it could be from anyone. If it is signed with my PGP key you know it came from me personally or someone went through a LOT of trouble to get access to my private key and the key phrase.
The usefulness of authentication could be further extended by building a web of trust where people vouch for the fact that others aren't spammers. Obviously spammers will slip through from time to time, but anyone who spams or keeps vouching for spammers will be removed from the web of trust. But even if this part doesn't work authentication is still useful.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iD8DBQFANdJTN+eEORsfxOYRAkk1AKCuNlZC3Te7VsC7UTiVcHu9CTGrBgCdFjAJ 5v4Y06Kl7UosCH6d9OJpvII= =eFuO -----END PGP SIGNATURE-----