Subject: Re. Spam suggestion...
To: None <current-users@netbsd.org>
From: Richard Rauch <rkr@olib.org>
List: current-users
Date: 02/22/2004 23:39:33

An interesting thread.

I've considered offering a suggestion for general consumption, but then decided
that it was sufficiently obvious that others must have pondered it already, and
if it had any validity, it might even be on an RFC that I haven't had time to
track.

Since using reverse-DNS is a pretty low-tech way to do this, and not a very
reliable mechanism, I'll offer my thought:

Mail should be signed at the SMTP layer by the sending system.

Unsigned mail should be refused (though enforcing that would first
require that the support be widespread).  Mail with an invalid
signature would be refused.  Not accepted and later bounced, not
deleted.  Just refuse it.

How would this help?  Well, a key point is where the public keys are kept
for signing: Not on a standard key server, but on an anti-spamming keyserver.
Getting your key on there would involve a nominal fee, say $20.  Confirmed,
signed spam would result in revocation of the key.

Unlike regular keyservers, there would be two ways to check a key.  One is
simply to verify that it is valid.  This could be done as often as required.
Another way to access the key is to request a copy for a new system.  (Your
mail server would cache keys indefinitely, and only revalidate when required,
rather than on every email.)

The keyserver would be configured to refuse more than one request for a given
key per 5 minute (1 minute? 1 hour?) interval.  Alternatively, for things like
the NetBSD lists, you could grab the key from a web-server, if you are willing
to trust the web-server & list.  Refusals to provide a key are intended to
throttle back dispersal of new keys so that spammers can't send thousands of
messages before the key is invalidated.


This would also let you track whether mail was really forwarded, or if a
spammer is pretending to be an open relay, etc.  (The notion would be
to embed the signature into the Received: tracking lines; I would have
to re-read the relevant RFCs to see if that can actually be done, and
of course there's the possibility that the mail has been rewritten in some
subtle way.  But signers should not rewrite the mail.)


If you "play nice" you should only have to register one key, once, and it
will be valid indefinitely.  If you are a spammer, you will be paying
$20 for a rather small number of spams.  Better to buy some stamps, paper,
and envelopes for traditional paper mailings.  If you are an open relay, you
will have a financial reason to tighten up things.

The $20 fee would be intended to help pay for maintaining the system, and
also to deter spammers and open relays from even bothering.  Virus-spreading
could also be a reason to kill keys.  (I'm fairly sure that some of the virus
alerts I've seen are caused by the virus being sent through an obliging, borked
server, then my system refuses the email at the SMTP layer, and the sender
then gets confused and thinks that the message (back in its queue) was "sent"
by me).)

Perhaps a very small annual fee would be needed to maintain the keyserver(s)
links to the internet, etc.  But $20 per key should go quite a ways.  (^&


The two downsides: It does not yet exist, so it might take time to get
rolling.  And this technology could not be legally exported from the
U.S. to certain countries (or indeed perhaps even used by people in
certain countries).  Still, it might be worth doing.


Thoughts?  Am I completely hosed here?  Or could this work?


-- 
  "I probably don't know what I'm talking about."  http://www.olib.org/~rkr/