Yahoo! Media Relations – Press Release
bq. When an email message is received from a particular domain, the receiving system verifies the signature with the sender’s public key that is published in the public Domain Name System (“DNS”). If the public key cannot verify the signature, the identity of the sender is not validated and the receiving system’s local anti-spam policy should be applied.
This sounds like a fantastic potential solution to address spoofing, which I think would go a long way towards fighting SPAM’s insidiousness. Congrats, especially on a fully backwards compatible idea, that doesn’t interfere with sending email to non-participating types 🙂 Afterall, if everyone had to give a real address (or we knew which servers to block) then filters could be much more aggressive.
p(update). “(extlink)Microsoft’s SPAM proposal”:http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.mspx has been published. Not as impressed. Seems like it would be easier to spoof at the packet level though.
Yahoo Anti-SPAM Proposal
Tags: age · ANT · ci · email · HTML · it · microsoft
Yahoo! Media Relations – Press Release
bq. When an email message is received from a particular domain, the receiving system verifies the signature with the sender’s public key that is published in the public Domain Name System (“DNS”). If the public key cannot verify the signature, the identity of the sender is not validated and the receiving system’s local anti-spam policy should be applied.
This sounds like a fantastic potential solution to address spoofing, which I think would go a long way towards fighting SPAM’s insidiousness. Congrats, especially on a fully backwards compatible idea, that doesn’t interfere with sending email to non-participating types 🙂 Afterall, if everyone had to give a real address (or we knew which servers to block) then filters could be much more aggressive.
p(update). “(extlink)Microsoft’s SPAM proposal”:http://www.microsoft.com/mscorp/twc/privacy/spam_callerid.mspx has been published. Not as impressed. Seems like it would be easier to spoof at the packet level though.