Genes MailLists
lists at sapience.com
Tue Nov 30 12:44:19 UTC 2010
On 11/30/2010 06:48 AM, Tim wrote:
> On Mon, 2010-11-29 at 19:17 -0600, Ranjan Maitra wrote:
>> Is it that difficult to spoof an e-mail address and post pretending
>> from there?
>
> The current email systems don't have any way to enforce correct
> identification of a sender. So you can write (almost) whatever you like
> in the "from" address header. It may have to be potentially valid,
> depending on the checks done by a mail server, but they only check that
> the address is well-formed, not whether it's actually correct.
Mailers do actually have a way - DKIM does exactly that - so if we
required DKIM that would help.
Pros:
* Obvious
Cons:
* would limit posters to DKIM compliant mail (like gmail and
yahoo and those that turn it on). Not sure how much of a limitation this is?
* Some work to turn this on.
* the fedora-xxx mailers probably would also need to use DKIM
* the list server would need to made DKIM compliant (would
seem to be rude to require DKIM but not have list be DKIM compliant
after all !!)
* Resources - would there be interest enough and resources to
do this.
I believe it is a worthy goal ... LKML passes through a lot more spam
from what I see - which may suggest that the fedora list registration
process to post does add frictions for spammers in practice.
gene/
More information about the users
mailing list