Anti-spam SMTP mods

[Brian Densmore]

> -----Original Message-----
> From:	Dustin Decker
>> How 'bout this:
>> 
>> Why not just have all mail servers setup with their own GPG keys, listed
>> on some public GPG servers, (in a way like the root DNS servers,
>> redundant and self propagating) and have them all sign the header
>> portion of an email upon sending out.  When the receiving SMTP server
>> downloads the email, it also downloads the GPG key from a keyserver if
>> available (or use a cached one, much like cached DNS records, giving you
>> the option to cache them or not, and a certain timeout period), to check
>> the headers are actually from the sending server, unforged and
>> unmodified?  If not, it rejects the email outright, and sends it to
>> /dev/null...
>
> The problem, of course, with any solution he offers is that it will likely
> require the use of Microsoft Exchange Server or something equally expensive,
> overbearing, and worthless.
I don't think this is what he has in mind. I think his "stamp",
which will be a patented form of PGP, only "different" and "new"
and "stronger" and "more secure" and did I mention "patented", will
be given to the world standards body as a standard and users will be
able to use his patented "stamp" for a minimal fee per email. Let's see
.0005 cents per email x 20 emails per user x 300 days x 1,000,000,000 people
= $3,000,000,000 annually. Hmm, not very profitable for 15 hours worth of work to come up with an 
encryption algorithm. Not to mention he'd have a lock on the entire web this way.

I see only one stumbling block to the GPG server problem, the encryption which is illegal in some 
countries, and the import/export encryption crap with the US. But, I like the idea. Of course I 
doubt this will solve the problem of rooted servers, still generating good keys. Also you will see 
pilfering of keys become a whole new industry. Still, i think in the end it would reduce an 
enormous amount of spam.