David Woodhouse wrote:
>On Mon, 2004-07-12 at 12:55 +0000, Peter Bowyer wrote:
>> Some people here have discussed an alternative solution which drops a
>> cryptographically-derived cookie in the return-path of all outgoing mail,
>> and on the incoming side you reject null-sender mail which arrives to the
>> 'bare' address, and verify the cookie otherwise.
>
>Sample implementation at http://www.infradead.org/rpr.html
>
Nice one, but it breaks (like all schemes with timestamps in them)
greylisting.
The envelope sender signature design (esp. with stronger encryption as
promised here yesterday) at
http://slett.net/spam-filtering-for-mx/
solves what the OP asked for with the least amount of collateral damage
I've seen so far for these schemes.
Regards,
Christian Balzer
--
Christian Balzer Network/Systems Engineer NOC
chibi@??? Global OnLine Japan/Fusion Network Services
http://www.gol.com/
