ietf-asrg

Re: [Asrg] 'GIEIS' - The Fifth Response

2003-07-03 13:09:31
On Thu, Jul 03, 2003 at 08:04:23PM +0000, Mark McCarron wrote:

On Thu, Jul 03, 2003 at 07:05:56PM +0000, Mark McCarron wrote:

   (1) In the short to medium term

    Devise a method of reasonably reliably identifying bulk spam,
    UCE or UBE and levying a charge on the senders (via any of their
    upstream carriers, financial pain having the properties that it
    does) which approaches that of any other method of commercial
    or non-private bulk message delivery and most of the TECHNICAL
    NETWORKING problems associated with spam - which are almost
    entirely due to intractable volumes of traffic - would rapidly
    disappear.

Mark's Response:

The problem with this suggestion is that spammers are difficult to
trace and even when traced there lacks the proper legal frameworks
to do much about it.


Spammers are only difficult to trace because there has been, until
recently, little incentive to trace them and no sanctions placed
on any injection points (which certainly can do most of the
necessary tracing if well configured) for failure to do so.


Mark's Response:

No.  The Internet crosses many legal boundaries across the planet.  With
anonymous connections such as those by proxy (SOCKS, HTTP, etc) and those
by extensive proxy chains, simply back-tracing a transmission is a legal
nightmare.  Imagine attempting to get server logs from 40 or 50 different
countries and then not even being guaranteed that the culprit is still
there at the end of it all.  'GIEIS' would eliminate the need for all of
this.

So would simply requiring reverse DNS as well as a record indicating whether
or not an IP address has been designated as an MTA.  This would make all of
the open proxies, hacked desktops, and dynamic IP ranges unable to send mail
directly to a site's MX server, forcing them to use an ISP's SMTP gateway.
What you would have left is legitimate MTAs (some of which may be open relays).
This is essentially where we are headed at our site by putting these sorts of
things into place gradually.
--


Mark's Response:

I am afraid that would not work.  Spammers would just use lists of 
resolvable domain names.  Also, some form of centralisation would be 
required to maintain the list you describe.  Another problem would arise 
from sending authorisation requests cleartext over the Internet, these 
could be intercepted and responded to allowing spammers access.  This is 
exactly what 'GIEIS' architecture eliminates completely.

The centralization you refer to is easily accomplished via DNS records.
"Authorization" is accomplished via simple DNS lookups much the same as
we currently use DNSbl lists already today.
-- 

Steven F. Siirila                       Office: Lind Hall, Room 130B
Internet Services                       E-mail: sfs(_at_)umn(_dot_)edu
Office of Information Technology        Voice: (612) 626-0244
University of Minnesota
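
The check proposed in this message (require reverse DNS, then look up a DNS record saying whether the connecting IP is a designated MTA, queried the way a DNSBL is), sketched as an added example that is not part of the original post or any poster's code. The designation zone `mta.example.test`, the record contents and the forward-confirmation step are assumptions made for illustration; the zone data is constructed so the block runs offline.

```python
import ipaddress

# Constructed records standing in for live DNS. All names are hypothetical.
ZONE = {
    # Designated MTA: PTR, matching A record, and a designation record.
    ("PTR", "10.2.0.192.in-addr.arpa"): ["mail.example.org"],
    ("A", "mail.example.org"): ["192.0.2.10"],
    ("A", "10.2.0.192.mta.example.test"): ["127.0.0.2"],
    # Dynamic-pool host: valid reverse DNS, but no designation record.
    ("PTR", "77.100.51.198.in-addr.arpa"): ["dyn-77.pool.example.net"],
    ("A", "dyn-77.pool.example.net"): ["198.51.100.77"],
    # Host whose PTR claims a name that does not resolve back to it.
    ("PTR", "5.113.0.203.in-addr.arpa"): ["mail.example.org"],
}

def lookup(rtype, name):
    """Stand-in resolver: return the records for (type, name) or []."""
    return ZONE.get((rtype, name.rstrip(".").lower()), [])

def reversed_octets(ip):
    """192.0.2.10 -> 10.2.0.192, the label order PTR and DNSBL queries use."""
    return ".".join(reversed(str(ipaddress.IPv4Address(ip)).split(".")))

def check_client(ip, resolve=lookup, designation_zone="mta.example.test"):
    """Decide whether a connecting IPv4 address may deliver to the MX."""
    rev = reversed_octets(ip)
    ptr_names = resolve("PTR", rev + ".in-addr.arpa")
    if not ptr_names:
        return (False, "no reverse DNS")
    # Assumed extra step: the PTR name must resolve back to the same IP,
    # so a PTR pointing at someone else's resolvable name does not pass.
    if not any(ip in resolve("A", name) for name in ptr_names):
        return (False, "reverse DNS not forward-confirmed")
    # DNSBL-style query: any answer means the IP is listed as an MTA.
    if not resolve("A", rev + "." + designation_zone):
        return (False, "not designated as an MTA")
    return (True, "accepted")

if __name__ == "__main__":
    for client in ("192.0.2.10", "198.51.100.77", "203.0.113.5", "192.0.2.99"):
        print(client, check_client(client))
```

In a live deployment `resolve` would wrap a real resolver, and the decision would be applied at SMTP connect time before any message data is accepted.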
