[Top] [All Lists]

Re: making mail traceable

2004-01-21 10:26:26

Had to think about that for a while ;-)

On Mon, Jan 19, 2004 at 06:31:44PM -0500, Keith Moore wrote:
either way, the spam is traceable to an account that is associated with 
you.  recipients of the message can complain to whichever ISP issued 
the originator-id field, and that ISP will figure out pretty quickly 
that you're a spammer, and blacklist you.

This is true. But how big a loss is it to loose one account at one
public email provider when you can have the next account anonymous in 10

the real trick is to prevent the other kind of attack - some miscreant 
wants to discredit some vendor, so they take a single message that the 
vendor sent legitimately and re-send it to a few million people.  we 
need to make sure that the message is traced to the miscreant, not the 

Currently all discuss methods where a MTA builds a hash over a
message and sends it on. How about if the MTA incorporates into the hash
the name/address of the MTA it will deliver the email to and adds this
hash information to the message as it is sent? That way a "look ahead"
information would be added and it would be a lot harder to fake the
MTA chain.
Maybe if we introduce Sent: lines with a semantic similar to
Received: lines it would be enough to build a hash over the Sent:
line that would be added and the Received(s) line the MTA adds when
receiving the message and the Sent: line from the MTA it received
the message from to build a trustable chain?

So sending a message to you, our mailserver would build a hash using e.g.

Sent: to (
  by with SMTP; 21 Jan 2004 16:00:28 -0000;
Received: (qmail 85650 invoked from network); 21 Jan 2004 16:00:27 -0000
Received: from (
  by with SMTP; 21 Jan 2004 16:00:27 -0000
Sent: to (
  by with SMTP; 21 Jan 2004 16:00:27 -0000; #moebius2_hash#

and insert the hash at the end of the second line above.


SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"