On Wed, 21 Aug 2002, Avleen Vig wrote: :I have a feeling I understand what you're trying to accomplish, but maybe :we should work at this from another angle - what are the more basic :problems oyu're trying to fix? Spam? Lack of encryption? Remote relaying? :Understand that they are NOT the same problem and should be handled :seperately. You can't say spam is a 'security' problem - it's a social :problem. Spam is very much a security problem. Spam would not exist if both MUA's and MTA's had adequate policy enforcement features on them, so that users could set granular controls on what was allowed into their mailboxes. Policy enforcement is explicitly a security function, and spam can even be defined as any message that relies on this lack of policy enforcement tools for it to be delivered. It is not a social problem, or even a matter of personal taste if it leverages the inability of the user to enforce a policy on what enters their mail servers. TMDA (Tagged Message Delivery Agent) is an excellent example of how policy can be set on MTA's and MUA's. It's rough ( tmda.net) but IMHO, it offers a glimpse at what the future of mail delivery is going to look like. Any attempt to circumvent the policy becomes (by definition) a network policy violation, and unauthorized access, and there are social and legal tools to deal with unauthorized access. I can see why this group is looking at adding features to SMTP, as everyone understands that it is limited, and those limitations have become an expensive liability. Meaningful Secrity/policy enforcement options would be a welcome addition to both MUA/MTA software, or maybe even the protocol itself. Cheers, -- batz