Hi !!
> However it would also be sensible to add an ESMTP command similar to
> STARTTLS that would present a PGP key for verification and analysis.
i'm thinking about a similar system, where a smtp extension allows to
pass a authorization token to the receiving mta that authorizes the
sending mta (ip address) to send that email. If the receiving mta needs
to forward that email to another (external) mta then it must request
authorization to do that from an authorization server taken from the
envelope sender's domain dns system, so it could use the new auth token
with the next hop. Just starting to think about it, the major drawback
is as always that needs critical mass to really work, and modification
of mta software, but at the end any solution will need this, so why not
think deeper about it ...
BTW, [for the exim whislist], it would be pretty to have a way to
add custom (experimental) extensions to smtp a) by being able to
announce extra capabilities in the EHLO response and b) having
an acl to handle unknown commands with a variable holding that
command and it's arguments. This looks not very complicated and
will allow everybody to play implementing experimental or custom
smtp extensions
> Both mechanisms would be necessary to get any initial penetration and
> critical mass.
in fact, any improvment to smtp that could fight email forgery in a
effective way needs to get critical mass, so it has nosense to discard
any idea just for this reason.
> I.e. I'm not talking about anything to do with data integrity or privacy
> - -- simply a secure means of assessing the level of trust one has in the
> connecting client using an entirely existing web-of-trust style key
> infrastructure.
looks like a whitelist
--
Best regards ...
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@???
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------