Mark Rogers mark@quarella.co.uk wrote:
What I don't understand is why we don't yet have a simple validation capability within email. Eg: publish public key in DNS, sign email using private key, any email which is correctly signed you can be (almost) sure has come from the email client of someone allowed to send email from that domain.
What I don't understand is why haven't you set this up using TXT records in your DNS and told us how to try it?
I think it may fail because of bandwidth and CPU costs (CPU on my mailservers is already pretty occupied by filtering out the obvious spam, even with very little reaching amavisd or spamd) but I'd be interested to know how it fares. It seems no worse than other shared whitelist schemes and makes sending more expensive for spammers too.
Regards,