ietf-asrg
[Top] [All Lists]

Re: pros and cons of RMX (Re: [Asrg] Declaration to the world)

2003-03-06 15:53:01
On Thu, Mar 06, 2003 at 04:05:52PM -0500, Chris Lewis wrote:
Even with the birthday paradox attack, the spammer will have to send
out hundreds of forged DNS packets in order to have a good chance of
getting a bogus entry the target's DNS cache.  This is both very
detectable and it also greatly increases the amount of work that a
spammer has to do.

I've not been following this in great detail, but I'd like to comment on 
this point.  It's worse than that.  It has to trick every recipient.

That depends on how RMX would be deployed.  I read the proposal to
suggest it would be deployed at mail hubs to defend against receiving
mail from IPs other than those the domain owner has delegated as being
allowed to.  In this case all the attacker has to spoof is the mail hub.

I think you're presuming it is implemented in the mail-client, and say
checked on download or on first read or something.  In this latter
case it would be pretty hard to reliably use DNS spoofing to spam.
But I don't think that was the intent.

Adam
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg