ietf-822

Re: authenticating the source of mail

2002-05-07 13:21:21


Keith Moore wrote:

> for instance, if major ISPs processed authenticated mail faster than
> non-authenticated mail, this would provide some incentive for sites
> to authenticate.

Spam doesn't go away, it just gets delayed. Spammers don't care if the
spam is delayed. Meanwhile, the people that do care are pissed that they
have to go through extra effort to get past the asshole postmaster.

> similarly, if businesses refused to accept any non-text mail that
> wasn't authenticated (bouncing such messages or issuing MDNs saying
> an attachment was deleted) then sites would have a reason to
> authenticate.

This is getting closer, but I don't see businesses wanting to even imply
that mail from potential customers is not going to be accepted. What if a
customer's mail client sends multipart/alternative by default?

These items are useful for increasing the visibility of signed mail, which
is certainly important with an elective system. If you can get signed mail
to a usage level where people think that unsigned mail is weird, then it
becomes feasible to start enforcing signatures. However, I don't really
know how practical any of these measures are (see above), so I'm not sure
that they will actually encourage an increase in the use of signed mail.

Also, consider things like network appliances that send activity alerts
without signatures, so there will always be a high percentage of mail
which is unlikely to be signed for decades to come. This means that
enforcing signatures within the elective infrastructure will always be
undoable as a baseline filter, and that the necessary perception levels
will not be reached.

Not harping, but that is one of the benefits of a new model. The default
scenario is that mail is trustworthy, so stuff from outside the network is
automatically presumed to be untrustworthy. Even the SMTP client in your
disk array is no longer believable. Unsigned mail is weird from the very
beginning.

> the other trick is building an infrastructure that allows
> authenticated mail to be verified and traced to the source, and one
> which facilitates quick reporting and suppression of sources of
> abusive mail.

Yeah, the suppression part is the principal merit of verified received
headers. If the evidence cannot be easily forged, then it makes the
remaining information believable as evidence, and more easily actionable.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
