Adam Back wrote:
On Thu, Mar 06, 2003 at 04:05:52PM -0500, Chris Lewis wrote:
Even with the birthday paradox attack, the spammer will have to send
out hundreds of forged DNS packets in order to have a good chance of
getting a bogus entry the target's DNS cache. This is both very
detectable and it also greatly increases the amount of work that a
spammer has to do.
I've not been following this in great detail, but I'd like to comment on
this point. It's worse than that. It has to trick every recipient.
That depends on how RMX would be deployed. I read the proposal to
suggest it would be deployed at mail hubs to defend against receiving
mail from IPs other than those the domain owner has delegated as being
allowed to. In this case all the attacker has to spoof is the mail hub.
Sorry, I meant to say "trick every MTA", because it has to flood
(something) for each MTA it tries to attack. Which'd mean that it'd
only be economic to spam _very_ large MTA farms, and maybe not even then.
So, yeah, you can spam a teensy bit, but the amount of overhead is too
high to do it in sufficiently high volumes to be useful.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg