on 8/2/2002 1:41 PM Paul Hoffman / IMC wrote:
At 12:39 PM -0500 8/2/02, Eric A. Hall wrote:
authentication wouldn't solve the problem either, as long as the
systems that send the mail are so easily compromised.
It would go a long way towards solving both problems.
How? Many of the copies of Klez that I am *still* getting are from
MTAs with whom I have had previous experience as sending OK messages.
I don't understand the argument you are making here.
"Both problems" are forged senders, either from worms that use a fake
reverse-path, or from malicious intent. Klez is an example of the former,
and the message that started this thread is ostensibly an example of the
latter (minus any additional substantive evidence).
Some form of mechanism for restricting the source(s) of mail to authorized
senders would defeat both of those problems, when it was used. It would
also defeat forged reverse-path addresses in spam, when it was used.
It would not defeat anything when it was not used. It would not stop all
worms and all spam in any event. It would "go a long way" towards solving
the problems, however.
What of this are you disagreeing with?
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/