you just give contacts for the passwords with which you have received a new one.

each potential person that can send email to your email address gets a unique password from you.

sending person/maillist 1 gets password abcdefg to send to bla@example.com (no matter from which email address)
sending person/maillist 2 gets password 123545 to send to bla@example.com (no matter from which email address)

email clients should be modified to include the Password: field both in the email itself and in the header entry field (To: From: Subject:), or just store them together with the destination address in the address book.

mailservers (the maildrop part) should be modified to parse the Password: header, compare it to the list of currently allowed passwords for the destination email address and then either drop to the mailbox, or bounce. (we did this in our test setup by simply parsing the entire email, so the password could be -anywhere- in the email :P)

of course the Password: line should only be sent to the recipient, not to other Cc: or Bcc: target addresses of the same email; the first smtp server in the chain should solve this bit.

actually, during our tests, we turned off all the header verifications, RBLs, etc on our smtpds, and the only spam that got through were emails that accidentally contained the password string in a binary attachment (as we parsed the entire email .. we should not do that, just the Password: line in the final version :P) and stuff where we gave, for example, nanog, the password "nanog" and then nanog is cc'ed in a spam, both of which cases can be solved with the standardization of the Password: field.

once this is in place, all smtpds can go open relay again, port 25 can be opened again on eyeball networks, RBLs and graylisting can remain at home, and the SMTP email system will be 100% spam free and reliable and real-time.

(there are several other features which have been removed from most smtpds to "stop spam", such as accepting ip addresses rather than domain names in the target email address, which can then return)

all the other stuff never stopped spam, it just made smtp email unreliable, slow and no longer an option for 99% of the things email was used for before, and skype, msn and facebook are used for today.

this system -does- stop spam, but the disadvantage to this system is that by implementing it, smtp email is no longer suitable for "initial contact" (well you could of course place passwords in whois and on your website for your hostmaster/sales box so random people can still make initial contact over smtp, or simply accept all passwords on those boxes, on which then there WILL be spam.. ;)

i'd say, smtp no longer being "open for any random idiot to mail any other random idiot without knowing each other first" is less of a disadvantage than letting the whole thing slowly die by making it less and less attractive as a means of communication (slow, unreliable and not real-time, and still with spam coming in by the 1000s, which it is due to "conventional" attempts to stop spam).

--
Greetings,
Sven Olaf Kamphuis, CB3ROB Ltd. & Co. KG
=========================================================================
Address: Koloniestrasse 34, D-13359 Berlin, Germany
VAT Tax ID: DE267268209
Registration: HRA 42834 B
Phone: +31/(0)87-8747479
GSM: +49/(0)152-26410799
RIPE: CBSK1-RIPE
e-Mail: sven@cb3rob.net
=========================================================================
<penpen> C3P0, the electric Westerwelle
=========================================================================

On Thu, 7 Oct 2010, Valdis.Kletnieks@vt.edu wrote:
> On Thu, 07 Oct 2010 12:10:37 -0000, Sven Olaf Kamphuis said:
>
>> If what you're asking under point c is "what happens if a system that contains such a password for your email address gets compromised", the answer is simple: you remove that specific password from your approved passwords list.
>
> 140 million or so compromised systems. You may be spending a lot of time removing compromised passwords from your list - and even more problematic, notifying everybody of the *new* password(s) they should use to e-mail to you. So far this month, I've seen 4,964 mails from 1,090 different From: lines (mostly due to a subscription to the linux-kernel list, which is a true fire hose), and some 250 different SMTP MAIL FROM: sources.
>
>> (note that on the receiver side, the password is not linked to the source email address, senders can use any source email address they want, as long as one of the currently active/accepted passwords is in the email)
>
> We'll overlook the fact that if the password isn't linked to the source address, then *any* sender can use any source they want, as long as it's known that *some* sender used '97%-chicken-teriyaki' as a password. And with 140 million compromised boxes, there's a basically never-ending supply of credentials to be stolen and used.
>
>> remaining problems with this system are: by lack of a standard header for Password: which should be supported by all clients, address books, online shops, mailing lists, we put the password in the email, which means that on Cc:'s and forwards etc the password got forwarded along with the email, potentially giving other people the password too.
>
> And you recognize that your scheme leaks said passwords, but that's not a fatal problem.
>
>> Now, this is -100%- spam stopping, smtp can be as open relay as you want, the internet can be full of compromised windows boxes chunking out tons of crap, but you won't get any spam, just mail from people YOU choose to deal with, by actively -giving- them a password yourself, which you can also -revoke-.
>
> So explain to me in *detail* - you're in the To: line of this mail. I don't believe I've sent to you in the past. I acquire a password valid to send you this e-mail, how, exactly? After all, I can't e-mail you and ask for one...
>
> After that, explain how a Hotmail user migrates to GMail (or vice versa) and retains their ability to contact everybody they used to contact.
>
> You might want to look at this:
>
> http://www.rhyolite.com/anti-spam/you-might-be.html
>
> and see how many of the entries in the list apply to your proposal. (Nothing personal - I don't think *any* realistic anti-spam proposal can get much traction unless they've at least *thought* about every single bullet point on that list).
>
> Further discussion is probably best on SPAM-L.
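The recipient-side check the proposal above describes (parse the Password: header, compare it to the per-recipient list, deliver or bounce), the whole-message variant from the test setup that let attachments containing a token through, revocation, and stripping the header before Cc:/Bcc: copies, written out as an added Python example; this is not code from the thread or its test setup, and the messages, tokens and addresses are constructed.

```python
import email
from email.message import Message

# Constructed sample messages (not from the thread).  The first carries the
# token "sending person 1" was given; the second has no Password: header but a
# base64-looking attachment that happens to contain the second token.
LEGIT_MAIL = (
    "From: friend@somewhere.example\r\n"
    "To: bla@example.com\r\n"
    "Password: abcdefg\r\n"
    "Subject: hi\r\n\r\n"
    "see you friday\r\n"
)
SPAM_MAIL = (
    "From: anything@compromised.example\r\n"
    "To: bla@example.com\r\n"
    "Subject: cheap stuff\r\n\r\n"
    "Q2hlYXAgc3R1ZmYh123545Zm9yIHlvdQ==\r\n"   # attachment bytes containing "123545"
)

# Hypothetical per-recipient list of currently accepted tokens.
ALLOWED = {"bla@example.com": {"abcdefg", "123545"}}


def decide_header(raw: str, rcpt: str, allowed: dict) -> str:
    """Final-version rule from the thread: only the Password: header counts."""
    msg: Message = email.message_from_string(raw)
    token = (msg.get("Password") or "").strip()
    return "deliver" if token in allowed.get(rcpt, set()) else "bounce"


def decide_anywhere(raw: str, rcpt: str, allowed: dict) -> str:
    """Test-setup rule: substring search over the whole message, which is what
    let attachments that merely contained a token through."""
    return "deliver" if any(t in raw for t in allowed.get(rcpt, set())) else "bounce"


def revoke(allowed: dict, rcpt: str, token: str) -> dict:
    """Revocation is just dropping the token from that recipient's list."""
    return {r: (s - {token} if r == rcpt else set(s)) for r, s in allowed.items()}


def strip_password_header(raw: str) -> str:
    """What the first SMTP hop must do before copies go to Cc:/Bcc: targets."""
    msg = email.message_from_string(raw)
    del msg["Password"]           # removes every Password: header
    return msg.as_string()


if __name__ == "__main__":
    for name, raw in (("legit", LEGIT_MAIL), ("spam", SPAM_MAIL)):
        print(name, decide_header(raw, "bla@example.com", ALLOWED),
              decide_anywhere(raw, "bla@example.com", ALLOWED))
```

Running it shows the spam message bouncing under the header-only rule but being delivered under the whole-message rule, which is exactly the false accept the test setup hit.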