Follow Slashdot stories on Twitter


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Keys are not the answer.. (Score 2, Insightful) 222

by eplossl (#18517113) Attached to: PayPal Asks E-mail Services to Block Messages
Unfortunately, SPF and DomainKeys (DKIM) are not the answer to verifying mail. Currently, as has already been discussed thoroughly, the adoption rate for both of these among legitimate senders of mail has been abysmal. Those few who have adopted these tools are in the minority, and as a result, it is impossible to rely upon these tools as definitive proof that a message is legitimate.

Compounding this problem is the fact that there is NOTHING in place to stop spammers from setting up a SPF record or perhaps a DKIM record for their domain. Some do not, but there are enough who do to make it nearly impossible to either accept or discard email specifically based upon these tools.

Spam is notoriously hard to identify. Unfortunately, the only way to totally resolve this issue would be to develop some sort of method by which to identify legitimate senders and also to preclude people sending spam from being identified as legitimate. Given our current technology, this is not currently possible.

The only way I can think of to eliminate spam on the internet would be for the Internet community to completely discard the current email structure and completely overhaul it to include some sort of sender verification, along with non-spam verification of mail.

IF I HAD A MINE SHAFT, I don't think I would just abandon it. There's got to be a better way. -- Jack Handley, The New Mexican, 1988.