Spam

[Pete Chown]

Ken Brown wrote:

> The real problem with spam is forged "from:" headers.

Interestingly, with the Jabber protocol you can't do this.  When a 
Jabber message is handed off to another server, it includes a token 
which would typically be some kind of MAC.

The receiving server then resolves the SRV or A record which it would 
use to reply to the message it has just been given.  It connects to this 
server and passes the token.  The authoritative server then gives a 
response indicating whether the token is valid.

The idea is that a company's own Jabber servers all share a MAC key 
which is not known to anyone outside.  This means that any of those 
servers will be able to send messages on behalf of the company, but no 
one else will.

Adding something like this to SMTP might help control spam, although 
there would be practical difficulties such as teleworkers who send 
company mail through their "home" ISP.

-- 
Pete