Notes About A Possible "TrustNet" PlugIn

This page is my braindump for a bunch of PlugIns which I summarize under the name TrustNet. Their intention is to WhiteList people one exchanges mail with based on the WebOfTrust between the the sender and the recipient. Comments welcome. (MalteStretz)

Current ideas:

PGP

This would be a very good idea. The bigist problem is the resorcese and time it would take to check the signatures of a message and then find the chain between the servers key and the senders key.

I think it would be a good idear to give each instalation of spam assasin its own gpg key and use that key to sign the keys of the users of the server and the keys of any other servers that are used at the same site or are cominly comunicated with. This way you are only finding the key chain from one key to the sender and the cache database would be easer to implement.

FOAF

Web-O-Trust

LOAF

Geo info

Querying Addressbooks

Social Networks

Six/Four

Using From For Whitelisting Problems

One common problem that appears when using just email addresses for whitelisting, is that spammers routinely fake the From address to appear to be

if we use just the From address with an address-based whitelisting scheme, it will be vulnerable.

The solution is to either:

TrustNetNotes (last edited 2009-09-20 23:16:29 by localhost)