Hallam-Baker, Phillip said:
How many tarpits are set up to be proof against a subversion attack?
Do they authenticate the information they use for targetting?
What happens if someone poisons the distribution of the RBL?
There's some incorrect use of terminology here; a "tarpit" simply answers
queries slowly, affecting only the TCP connection from the SMTP client.
There's no "hackback", there's no RBL use, there's nothing there to
subvert in order to cause attacks on third-party targets.
Running an SMTP transaction very very slowly will not cause any damage,
except possibly to cause resource limitation issues if the SMTP client
machine is operating a huge number of connections simultaneously -- ie.
a spammer (or a very large bulk mailer, conceivably).
"Honeypots" may be a different matter, though.
--j.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg