Dear Phillip On 8/12/25 6:35 PM, Phillip Hallam-Baker wrote:
The solution to this problem is to change the email system to one that doesn't require ad-hoc hackery like the Spamhaus block list. And building such a system is actually quite easy: every user has an identity bound to a public key, every message is signed, only authorized messages are delivered. Could give you a spec and working code for that in three months, easy,Looks like in this example Google is not accepting DKIM signed E-Mail, which is somewhat similar to the solution you propose.
The hard part, the only hard part is changing the email system. How do we get from where we are to where we want to be?
Easiest way I think would be via new headers. Slowly over time updating MTAs etc. to use these. Autocrypt has been fairly successful in this IMO, thought slightly different use case. However the problem is getting large providers (e.g. Google) to actually use these - to this I don't have a solution.
In my (extreme) opinion, a mail server that fails to deliver E-Mail to a user because of source IP address, is a non-functional mail server. If they consider it "spam" and send it to the spam folder, it is still acceptable; the user can choose to read it. But outright rejecting it is a bug.
Regards, Raghu Saxena
Attachment:
OpenPGP_0xA1E21ED06A67D28A.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
