At 10:15 -0400 4/26/03, Kee Hinckley wrote:
At 6:02 PM -0400 4/23/03, Jim Youll wrote:
A writes to B B should be added to
A's whitelist
B does not reject[1] the message from A A should be
added to B's whitelist
The likelihood of spammers capturing a large percentage of all
(A,B) interactions and then generating forged messages to likely
(A,B) pairs is very low, since these are private interactions not
seen by others.
Low, but not non-existent. We've already seen spammers using
"close" email addresses in the from. It's not clear if these were
from mailing list or web-page grabs, or just using addresses in the
same corporate domain. We've also seen trojan's that grab your
address book and spam everyone in it. One assumes they could (if
they haven't already) use that address book for whitelisting spam.
I agree. It's useful. And it works now. But if we drive spammers
into a corner where the only out is using whitelisted addresses I
belive they will still be able to survive. On the other hand.
Driving spammers into forging real addresses makes gives you a wider
array of legal attack options.
Yes, but that's it exactly.
1. Whether you are talking about a civil or criminal proceeding,
depending on where the law goes and when, a court in general does not
like a party with "dirty hands" so this particular corner is useful
in that there have been and will continue to be successful
prosecutions of those who adopt the identity of others without
permission.
2. A massive increase in from: forgery would render e-mail generally
useless to all, and so I suggest, would rather quickly gain the
attention and sympathies of everyone up and down the food chain, from
law making, to law enforcement, to ISP and end-user. There are a very
few whose actions could ruin things for all, and I don't see how that
could be tolerated for long.
I still must say that neither you nor anyone else has much ability to
know with whom I correspond outside of the few I may respond to in
public forums.
Remembering that its purpose is only to assure that _clearly_
should-deliver mail is not caught up in an accidental trap, a
whitelist can even be a little more picky than matching to: and
from:, for example, including the expected SMTP source or originating
ISP. The worst-case events in the case of a whitelist miss are (a)
that something should notice that the whitelist may need to be
retrained; (b) the message is subject to the usual legitimacy tests
before it's delivered.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg