Project info for Signed Envelope Sender

Share This Created 17 Mar 2005 at 18:37 UTC by pjames.


Freshmeat page: N/A


Signed Envelope Sender is an SMTP Anti-Forgery technology. If implemented it will prevent forgery. A very basic description of SES is a challenge response system for SMTP by employing a separate call back service using a lightweight one packet UDP service. The service is used to send a previously generated hash value to the service that the e-mail in question claims to have originated from. If the result of the query is positive the mail is accepted as valid, if not, its rejected. This results in pre-DATA (RFC2821) rejection and thus is both lightweight, cost effective, and very desirable.

If SES were fully deployed it puts the burden of proof upon the right place, the sender, not the recipient (this is why Domain Keys for example is stupid and (puts tin hat on) I surmise that it is a ruse to facilitate rampant abuse of public cryptography with the mindset of doing to SMTP what Verislime has done to HTTPS.

License: Apache Derivative

This project has the following developers:

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

Share this page