From: Dean Anderson <dean@av8.com> Subject: Re: Denial of Service Attacks disguised as Spam...

...

many respects, he is forging his identity and I cannot imagine that forgery is legal.

The ability to send anonymous email will probably remain protected. Also, the legal beagles I know tell me it is perfectly legal to use an alias as long as it is not done for fraudulent purposes.

Ah, but sooner or later, we're going to have fairly universal certificate based authentication of some type ( IPSEC and/or application layer ). Then it will be a simple manner of refusing unauthenticated connections as policy or desires dictate. Someone may be able to send anonymous mail but nobody will have to read it :) The low level stuff will provide the ability to reliably trace packet level attacks and perhaps make decisions at the router level. The higher level stuff will provide the ability to implement authorization rules at the application or server level. You want to deliver mail to my mail server, you better tell me who you are. You want to send packets through my router, you best be authenticated in some way. Gary Flynn Network Analyst James Madison University