Authenticating Mail Servers

There are a bunch of exciting ideas out there about how to add some level of authentication to SMTP. It would be great to see these ideas get traction. While spammers forge addresses all the time, most of it doesn't affect Qurb users. Spammers must guess an address on your Approved Sender list to get through.

However, as whitelist solutions become more common, address forgery will become more common, and sophisticated too. At some point we'll need better authentication. Since SMTP doesn't have any authentication, it won't take much to improve.

There are probably many more variations on this DNS theme out there, but these are two proposals that I'm aware of:

A DNS RR for simple SMTP sender authentication

Designated Senders Protocol A Way to Identify Hosts Authorized to Send SMTP Traffic

Ultimately any successful proposal must be easy to deploy with on the software people are already running and it must be possible to adopt it incrementally. If the whole world needs to switch at once, it isn't going to happen. Leveraging the DNS seems like a good hack.