Tuesday, December 8, 2009

GPG and signed email

I've started using GPG to sign my email. It was easy: install FireGPG and generate a key.

In order to send signed emails, FireGPG contacts Gmail's SMTP server directly. Fair enough, but that got me thinking... What about having an SMTP server that only delivered signed emails where the signature checked out against some public keyring, and the signer wasn't marked as unauthorized due to abusive behavior? You could have an anonymous relay that operated in that fashion.

Add in a "X-Server-GPG-Signature" header in the email, and an email provider using such a technique could garner a decent reputation, and thus get more or less a pass by any anti-spam filters in the next stage of the email relay.

I'm sure the idea isn't new. I suspect, though, that all that's needed are a few seed SMTP servers that operate in this fashion.
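The relay's accept/reject step could be built on the machine-readable status lines that `gpg --status-fd 1 --verify` prints when checking a message against the relay's keyring. The sketch below is an added example, not code from this post or from FireGPG; the function names, the blocklist, and all fingerprints and status samples are constructed for illustration.

```python
# Added example: relay policy over GnuPG status lines (all sample data is constructed).
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}
ALICE, MALLORY = "A" * 40, "B" * 40   # constructed 40-hex-digit fingerprints
BLOCKED = {MALLORY}                   # signers marked unauthorized for abuse

def relay_decision(status_text, blocked=BLOCKED):
    """Return (accept, reason) for one message's gpg status output."""
    seen, signers = set(), set()
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "[GNUPG:]":
            continue                  # ignore anything that is not a status line
        seen.add(fields[1])
        if fields[1] == "VALIDSIG" and len(fields) >= 3:
            # The last VALIDSIG argument is the primary key fingerprint when
            # present; block on it so a new signing subkey does not evade the list.
            fpr = fields[11] if len(fields) >= 12 else fields[2]
            signers.add(fpr.upper())
    bad = seen & REJECT
    if bad:
        return False, "rejected: " + ",".join(sorted(bad))
    if "GOODSIG" not in seen or not signers:
        # GOODSIG alone is not enough: require VALIDSIG so the key is identified.
        return False, "rejected: no valid signature from a key on the keyring"
    if signers & blocked:
        return False, "rejected: signer is blocked"
    return True, "accepted: " + ",".join(sorted(signers))

def sample_status(fpr):
    """Build constructed status output shaped like gpg's for one good signature."""
    return ("[GNUPG:] NEWSIG\n"
            f"[GNUPG:] GOODSIG {fpr[-16:]} Test User <user@example.org>\n"
            f"[GNUPG:] VALIDSIG {fpr} 2009-12-08 1260230400 0 4 0 1 2 00 {fpr}\n")

# Constructed failure cases: a tampered body and a signer missing from the keyring.
BAD_BODY = "[GNUPG:] NEWSIG\n[GNUPG:] BADSIG AAAAAAAAAAAAAAAA Test User <user@example.org>\n"
UNKNOWN_KEY = "[GNUPG:] ERRSIG CCCCCCCCCCCCCCCC 1 2 00 1260230400 9\n[GNUPG:] NO_PUBKEY CCCCCCCCCCCCCCCC\n"

if __name__ == "__main__":
    cases = [("known signer", sample_status(ALICE)), ("blocked signer", sample_status(MALLORY)),
             ("tampered body", BAD_BODY), ("unknown key", UNKNOWN_KEY), ("unsigned", "")]
    for name, text in cases:
        print(f"{name:15} {relay_decision(text)}")
```

An unsigned message produces no status lines at all, so it falls through to the "no valid signature" rejection rather than being relayed by default.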
