> From: "Robert G. Brown" <rgb@xxxxxxxxxxxx>
> ...
> It has been pointed out several times now that unless you are willing to
> receive mail only from a small, closed group of individuals that all
> agree to use digital signatures and whose mail you whitelist while
> blacklisting EVERYTHING ELSE you are right back where you are right now.
> ...

If you are interested in that model, then you do not need any fancy cryptography, certs, pretty good encryption, S/MIME, or anything else not already present in all SMTP mail. You can whitelist using bits that are already associated with every SMTP mail message and in the body delivered to your MUA if your MTA is not broken junk.

Every mail message carries a practically unforgeable (for spammers) token identifying its source. That token is the IP address of the SMTP client. If your MTA is reasonable, it is included in the Received header it adds.

You only need fancy extra stuff if you cannot arrange for your community to use only trustworthy MTAs or if your traffic is worth the thousands of dollars (or equivalent labor) that breaking security based on IP addresses requires.

Yes, I've heard of Bellovin, Mitnick, RFC 1948, etc. so forth and so on and on. TCP ISN faking is harder now than it used to be. It was always incompatible with the "bulk" in "unsolicited bulk mail."

The spam problem starts with accepting mail from strangers. Give up that design goal, and spam disappears. So does much of the justification for mail.

Vernon Schryver
vjs@xxxxxxxxxxxx
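The whitelist-by-SMTP-client-IP scheme Vernon describes, as an added example that is not part of the thread: only the Received header our own MTA prepended is trusted, because every header below it was supplied by the peer and can say anything. The MTA name mx.example.org, the allowlist and both sample messages are constructed for the example.

```python
import email
import ipaddress
import re

# Hypothetical name of our own MTA and a hypothetical allowlist of SMTP client
# networks; both are assumptions for this example, not values from the post.
OUR_MTA = "mx.example.org"
ALLOWED_CLIENTS = [ipaddress.ip_network("192.0.2.0/24")]

# Constructed message: the topmost Received header was added by our MTA and
# records the real SMTP client (192.0.2.10); the lower one came from the peer.
GENUINE = b"""\
Received: from mail.friend.example (mail.friend.example [192.0.2.10])
\tby mx.example.org with ESMTP id 1; Mon, 1 Jan 2024 10:00:00 +0000
Received: from laptop (laptop.friend.example [10.0.0.5])
\tby mail.friend.example; Mon, 1 Jan 2024 09:59:00 +0000
From: friend@friend.example
Subject: hello

hi
"""

# Constructed message: a stranger connected directly to our MTA (so our MTA
# recorded 198.51.100.7) but prepended a Received header naming the allowed IP.
SPOOFED = b"""\
Received: from mail.friend.example (unknown [198.51.100.7])
\tby mx.example.org with ESMTP id 2; Mon, 1 Jan 2024 10:00:00 +0000
Received: from mail.friend.example (mail.friend.example [192.0.2.10])
\tby mail.friend.example; Mon, 1 Jan 2024 09:59:00 +0000
From: friend@friend.example
Subject: hello

buy now
"""

_BRACKET_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]")
_BY_HOST = re.compile(r"\bby\s+([^\s;]+)", re.IGNORECASE)

def smtp_client_ip(raw):
    """IP of the SMTP client as recorded by OUR_MTA in the first (most recently
    added) Received header; None if that header is missing or not ours."""
    received = email.message_from_bytes(raw).get_all("Received") or []
    if not received:
        return None
    top = " ".join(received[0].split())      # unfold and normalise whitespace
    by = _BY_HOST.search(top)
    if by is None or by.group(1).lower() != OUR_MTA:
        return None                          # not added by our MTA: untrusted
    ip = _BRACKET_IP.search(top)
    try:
        return ipaddress.ip_address(ip.group(1)) if ip else None
    except ValueError:
        return None

def is_allowed(raw):
    """Whitelist decision based solely on the trusted client IP."""
    ip = smtp_client_ip(raw)
    return ip is not None and any(ip in net for net in ALLOWED_CLIENTS)
```

The spoofed message is rejected even though it carries a Received line claiming the allowed address, because that line sits below the one our MTA wrote.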