Spam at one level is a security problem, it's the allowance of non-validated
sender to send messages impersonating other users.
Your example is "should a Cisco employee be allow to send a message from
anywhere without authenticating against Cisco" implies that Cisco doesn't
care who sends messages claiming to be from a Cisco. Easy example, is today
sitting at my desk I can originate a message from "John Chambers" letting
you know the quarterly earning are great! That's a security problem, the
message didn't originate from Cisco nor is this user authenticated...
If you're sitting on an airplane, customer site, etc., you should
authenticate in to your corporate network or send email via another channel.
Hotmail, Yahoo, AOL, etc. all have authentication before you can send email,
they can easily stamp, sign or otherwise endorse the message before it's
delivered on the network.
There is no reason that a MTA or MUA should in the long term allow
non-verifiable messages to arrive. It's the responsibly of the sending MTA
to stamp/sign a message on outgoing delivery. It's impossible to belive
that we can remove spam from the network, but what I want to see is good
senders not having to worry about their ability to send email and have it be
received (see recent FTC problems).
--koblas
----- Original Message -----
From: <gep2(_at_)terabites(_dot_)com>
To: <asrg(_at_)ietf(_dot_)org>
Sent: Wednesday, July 02, 2003 7:58 AM
Subject: [Asrg] Remote mailing
That's interesting when you think about it. Please offer some evidence
other than your personal assurances that Cisco would restrict employees
from sending mail with cisco.com sender addresses from random locations
including their homes, customer sites, hotels, and even airplanes in
order to stop that abuse of their trademark.
Chill. Any Cisco employee who is going to be connecting to the 'net for
work will connect to cisco over a VPN from said random locations and
would have full access to cisco SMTP servers. Ok, so it's unlikely, but
perhaps they can't send from cisco.com from their cellphones without
some work (some cellphones support SMTP already, and probably some
support smtp-auth as well). It's unlikely, but perhaps a VPN or
smtp-auth connection won't be practical from 30,000 feet. If so, so
their mail in these very rare cases comes from airline.dom or
cellphonecompany.dom. Big deal?
Good examples of places where you just don't have much choice is when
you're in
a sidewalk Internet cafe, or a public library, an airport waiting lounge
kiosk,
or a cruise ship Internet cafe. Or you could be at a customer site and
need to
mail, but need to do it (frequently the case) through one of their
systems.
Big deal? Well, it IS a "big deal" if those mails simply can't be sent,
or get
trashed and are never delivered.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support the Anti-SPAM Amendment! Join at http://www.cauce.org/
12/19/98: Partisan Republicans scornfully ignore the voters they
"represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg