[anti-spam-wg@ripe.net] Anti-Spam measures
- Date: Wed, 26 May 2004 10:01:47 +0100
Hi everyone,
I've been watching this working group for some time now, as my company is
always trying to reduce the amount of spam originating from our networks. I
still haven't found any solutions that will work for us, but I have a couple
of Idea's that I'd like to share with you.
1. I notice that a large portion of SPAM doesn't have a valid return
address. My thoughts are that the SMTP server receiving any email should do
a reverse check, to confirm with the sending domain that the 'from' address
is valid, and if not, then it could reject the message. I know that this is
possible, and am sure that the spammers would find work around, but isn't
that what Anti-SPAM is about? We find a solution that cuts SPAM down, and
they work around it, but at least we'd make a difference for a while. This
check could also be incorporated into a desktop/personal spam checker.
2. This idea isn't complete, but maybe somebody here can help me out, as I
hope you will see that there is an idea buried in there somewhere. This is a
possible solution to prevent email being sent with faked 'from' addresses.
When I send an email from dave@localhost, I send my mail through
smtp.example.com which makes a note that I've just sent an email. The
records of how many mails I've sent are visible and you can see for example
that I've sent 1 email in the last 5 min, 3 in the last hour, and 5 in the
last 24 hours, and 30 in the last 5 days.
The receiving SMTP server (or this could be a SPAM checker on my desktop)
would receive a email from dave@localhost, and would check with my domain
that I have actually sent a message recently, and it can determine the
likeliness that I really sent this email. I know that a lot of people only
send email once or twice a week, so this would work especially well from
these addresses.
This idea can be taken forward in several directions, for instance a PGP key
is in a header field, so when I'm using a different ISP's SMTP server, you
can still check with example.com to confirm it's really from me. Another
option would be to keep more specific details regarding emails I've sent, so
the check with my domain can be more precise.
I can see that there is a privacy issue, because you can tell how many
email's I'm sending, but you would not have access to any content, and I'm
not so sure this is a problem for many people. The system would not have to
be compulsory, but if you choose to use it, your email address is far less
likely to be spoofed.
I look forward to hearing your thoughts on the above Ideas, and maybe some
people on this list are in a position to take these ideas forward into a
working solution, unless there are any blindingly obvious reasons why these
could never work?
Dave Bell
Redwing Satellite Solutions Ltd.
dbell@localhost