Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • ... because there are perfectly legitimate reasons to want to send mail anonymously or from a throw-away account. For example, I might want to send mail to a corporation criticising their customer service, but not want them to have my real address anywhere on file. Or I might want to ask a question about my embarrassing disease on a mailing list. Or a question about an area I'm meant to be an expert in, and I'm afraid my employer might fire me if they find my post in the list archives.

    No, the way to st

    • Calculating the signature wouldn't be a difficult problem that takes 30 seconds to calculate. But it would slow sending email down a little. An important feature of the system would have to be that something is calculated for every single recipient address. Also, there would have to be a mechanism that prevents calculating the signatures in advance. Perhaps the receiving servers sends a nonce that must be included in the signature.
      • The hashcash FAQ is here [hashcash.org].
        • I was thinking about using something similar for the authentication of sending to recipients. One lack of that scheme is that it doesn't include the sender in the calculation. It still allows forging the sender address. I was also thinking about having the receiving server send a nonce that need to be included in the calculation. This makes it difficult to precomputer

          One reason to put the authentication in the SMTP protcol is that the sender and recipient addresses are well defined there. Email clients have a harder time knowing what addresses was sent to and which address to look at. Not to mention the problem of exposing the email addresses that were sent to.

          I think anonymous email is important. The problem with the current mail system is that anyone can forge any other email address. In an authenticated system, you couldn't send anonymous email as any other user, but you could use a random address from a special domain. The servers for anonymous email would have severe restrictions on how much email could go through them so they couldn't be abused by spammers.