[SpamAssassin Wiki] New: TrustNetNotes

[sp...@incubator.apache.org]

   Date: 2004-09-16T02:15:28
   Editor: MalteStretz <ms...@apache.org>
   Wiki: SpamAssassin Wiki
   Page: TrustNetNotes
   URL: http://wiki.apache.org/spamassassin/TrustNetNotes

   some braindump

New Page:

= Notes About A Possible "TrustNet" PlugIn =

''This page is my braindump for a bunch of PlugIns which I summarize under the name TrustNet.
Their intention is to WhiteList people one exchanges mail with based on the WebOfTrust between the the sender and the recipient.
Comments welcome.'' (MalteStretz)

Current ideas:

== PGP ==

 * Use PGP to try to find a trustpath.
 * Checking the direct trust should be relatively simple if one has access to the user's keyring. But what about server side filtering?
 * Is it feasible to query servers for an indrirect trust path, too?  What's the overhead?

== FOAF ==

 * How can we incorporate [http://www.foaf-project.org/ FOAF]?  Querying the website each time has quite some overhead, some caching is needed.
 * How to access?  XML-RPC or some DNSDB gateway?  (Have you noticed that DNS gets abused for quite some things?)

== Web-O-Trust ==

 * The [http://web-o-trust.org/ Web-O-Trust] project is relatively dead, maybe we can revitalize it.
 * It should be possible to implement the Web-O-Trust syntax in XML and put it into FOAF files.

== LOAF ==

 * I dont't like the idea at all, but [http://loaf.cantbedone.org/ LOAF] might be worth looking into, too.

== Geo info ==

 * [http://www.corante.com/many/archives/2004/03/19/loaf_social_email_filtering.php This] posting about LOAF made me think that it might be possible to use a website's published Geo information (how near am I geographically to the sender).

== Querying Addressbooks ==

 * I already implemented a [http://msquadrat.de/archive/04/03/22/01 quick hack] for to query my KAddressbook from KMail for qhitelisting.  What about querying LDAP servers?