Re: [exim] MARID, SPF, DomainKeys, SenderID ?

Top Page
Delete this message
Reply to this message
Author: Andrzej Adam Filip
Date:  
To: Exim User's Mailing List
Subject: Re: [exim] MARID, SPF, DomainKeys, SenderID ?
David wrote:
>> Ultimately I believe the only real long-term solution will be something
>> based on the PGP web-of-trust (i.e. not just the model but the actual
>> existing keyserver infrastructure and existing authentication
>> mechanisms) but done at the MTA-to-MTA level such that postmasters can
>> measure the level of trust their mailers have of their connecting peers
>
>
> I've been also thinking about it after i saw some email messages with
> a PGP-Signature header. It will be easy to add a special header with
> a PGP signature added by the mta (isp) and check it. This is close to
> DomainKeys but as you noted it bennefits of the existing
> infraestructure. Nevertheless this requires to accept the whole message
> body before any decision could be taken, which solves only a part of
> the spam problem. A method to take decisions before DATA is also need
> to address the bandwith usage problem.


Standard for PGP/GPG signature header is used for some time for signing usenet
control messages: ftp://ftp.isc.org/pub/pgpcontrol/README.html
It can be used to sign message body and sender chosen headers.

One improvement recommended in discussion about it in news:comp.mail.sendmail
was to add to make signature verifiable even when body footer is added (e.g.
by mailing list software).

IMHO Adopting long existing standards is a good protection against dubious
claims of IP/patent violations.

--
Andrzej [en:Andrew] Adam Filip anfi@??? anfi@???
Home Page http://anfi.homeunix.net/ [ PageRank 6 ]