ietf-asrg

Re: [Asrg] Hello- and my 2 cents

2003-04-26 12:29:38
At 10:15 -0400 4/26/03, Kee Hinckley wrote:
At 6:02 PM -0400 4/23/03, Jim Youll wrote:
A writes to B
B should be added to A's whitelist
B does not reject[1] the message from A
A should be added to B's whitelist

The likelihood of spammers capturing a large percentage of all (A,B) interactions and then generating forged messages to likely (A,B) pairs is very low, since these are private interactions not seen by others.

Low, but not non-existent. We've already seen spammers using "close" email addresses in the from. It's not clear if these were from mailing list or web-page grabs, or just using addresses in the same corporate domain. We've also seen trojans that grab your address book and spam everyone in it. One assumes they could (if they haven't already) use that address book for whitelisting spam.

I agree. It's useful. And it works now. But if we drive spammers into a corner where the only out is using whitelisted addresses I believe they will still be able to survive. On the other hand, driving spammers into forging real addresses gives you a wider array of legal attack options.

Yes, but that's it exactly.

1. Whether you are talking about a civil or criminal proceeding, depending on where the law goes and when, a court in general does not like a party with "dirty hands" so this particular corner is useful in that there have been and will continue to be successful prosecutions of those who adopt the identity of others without permission.

2. A massive increase in from: forgery would render e-mail generally useless to all, and so I suggest, would rather quickly gain the attention and sympathies of everyone up and down the food chain, from law making, to law enforcement, to ISP and end-user. There are a very few whose actions could ruin things for all, and I don't see how that could be tolerated for long.

I still must say that neither you nor anyone else has much ability to know with whom I correspond outside of the few I may respond to in public forums.

Remembering that its purpose is only to assure that _clearly_ should-deliver mail is not caught up in an accidental trap, a whitelist can even be a little more picky than matching to: and from:, for example, including the expected SMTP source or originating ISP. The worst-case events in the case of a whitelist miss are (a) that something should notice that the whitelist may need to be retrained; (b) the message is subject to the usual legitimacy tests before it's delivered.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
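
The pairwise whitelist described in this message, including the stricter variant that also matches the expected SMTP source, sketched as an added example that is not code from the thread. The class and method names, the /24 grouping of source addresses, and the sample addresses are assumptions made for illustration.

```python
import ipaddress


class PairWhitelist:
    """Per-user whitelist keyed on (owner, correspondent), optionally pinned
    to the networks the correspondent's mail has arrived from."""

    def __init__(self):
        # (owner, correspondent) -> set of source networks learned so far
        self._entries = {}

    def record_outbound(self, sender, recipient):
        # "A writes to B": B goes on A's whitelist; no source is known yet.
        self._entries.setdefault((sender.lower(), recipient.lower()), set())

    def record_accepted(self, sender, recipient, source_ip, prefix=24):
        # "B does not reject the message from A": A goes on B's whitelist,
        # and the network it came from is remembered (assumed /24 grouping).
        net = ipaddress.ip_network(f"{source_ip}/{prefix}", strict=False)
        key = (recipient.lower(), sender.lower())
        self._entries.setdefault(key, set()).add(net)

    def classify(self, sender, recipient, source_ip):
        nets = self._entries.get((recipient.lower(), sender.lower()))
        if nets is None:
            return "filter"            # unknown pair: usual legitimacy tests
        if not nets:
            return "deliver"           # known pair, no source learned yet
        if any(ipaddress.ip_address(source_ip) in n for n in nets):
            return "deliver"           # known pair from an expected source
        # Whitelist miss: (a) flag for retraining, (b) run the usual tests.
        return "filter-and-flag"


def demo():
    # Constructed sample data; addresses use documentation ranges.
    wl = PairWhitelist()
    wl.record_outbound("alice@example.org", "bob@example.net")
    wl.record_accepted("alice@example.org", "bob@example.net", "192.0.2.10")
    return [
        wl.classify("bob@example.net", "alice@example.org", "198.51.100.7"),
        wl.classify("alice@example.org", "bob@example.net", "192.0.2.25"),
        # Forged From: of a whitelisted correspondent, unexpected source.
        wl.classify("alice@example.org", "bob@example.net", "203.0.113.9"),
        wl.classify("stranger@example.com", "bob@example.net", "203.0.113.9"),
    ]


if __name__ == "__main__":
    print(demo())
```

A forged From: that matches a whitelisted pair but arrives from an unexpected source is not delivered on the strength of the whitelist; it drops back to the normal filtering path and marks the entry for review.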


