Anti-spam SMTP mods

[Lucas Peet]

Jonathan Hutchins wrote:
 > There are already authorization methods, and means that allow only
trusted
 > servers to connect to your server.  SSL is one of the preferred
methods.  As
 > long as you trust the connecting server, you can trust mail from it,
assuming
 > it is adequately protected against relaying from bogus hosts.

It's not about authorization.  A 'good' server can still send both good
and bad emails.  It's about the originating server digitaly signing the
*header* portion of an email, certifying that it indeed came from this
server, any changes to the headers will render the signature invalid,
and thus should be rejected by the receiving server.

Anti spam software that currently modifys header information will need
to adapt to this, and snatch and scan the email *before* it hits the
STMP relay.

 > I think that's one of the reasons all these ideas for securing and
authorizing
 > mail fail to catch on.  I know I have no enthusiasm for setting up a
 > "handshake" system that will reach maybe two or three percent of the
servers
 > out there.

Again, there'd be no handshake, just a validation of the signature and
headers, verifying that it came from a live, good IP & email address (It
could check the validity of an email address by a short, mimic delievery
request to the email address to prevent using known undelieverable email
addresses from sending outgoing email), that couldn't be changed /
spoofed without rendering the signature bad, and giving the email 0%
chance of being delievered.

-Lucas