Error27's Journal: Spam thoughts

I get a lot of spam from people claiming to be Washington Mutual Bank. I think the way to stop this kind of spam is through email servers automatically signing things.

Basically each TLD would have a very secret key. When you register your domain name they would sign your public key. Then when you would set up your email server to sign every outgoing email. Your email server would also send a signed copy of its public key with each email.

Then say I recieve your email. My email client would verify that the TLD had signed your public key and that the email had originated from you and that you are Washington-Mutual-Bank.com.

The previous paragraph illustrates a flaw in my plan. You could just register a legit sounding domain name and send spam from that... But overall I think it's a good plan. It wouldn't cure the problem, but it would certainly help.

[I've left out a bunch of implementation details on purpose, but it would be simple enough to implement this.]