[unisog] Good spam forgery getting me.
feldt at nhn.ou.edu
Thu Dec 16 21:10:16 GMT 2004
Russell Fulton wrote:
> The only way to combat this sort of trickery is by using crypto to
> verify that the message really did pass though the MTA as claimed.
> (signature based on PK encryption of message ID? No I'm not advocating
> this! It would probably create more problems than it solves)
There is already a project which does something close to this. Take a
look at the description of SPF (Sender Policy Framework) at:
It is not a cureall, but could be one of the pieces that helps solve
the puzzle. Note that you must also implement SRS (links at the
above site) to deal with forwarding e-mail. But, it may be a small
price to pay given the other costs involved with the current situation.
Senior System Support Programmer
Affiliate Assistant Professor
Department of Physics and Astronomy
The University of Oklahoma
More information about the unisog