Brad Knowles wrote:
At 2:14 AM -0400 2003/10/07, Ken Hirsch wrote:
Worst, there is no feasible way of determining whether or not a
particular IP address is trustable, except to watch its behaviour and
see if it does anything untrustworthy. Even then, you'd have to make
sure that the IP address wasn't spoofed, or that the connection
wasn't hijacked, etc....
This is a fundamentally unsolvable problem.
Of course you can't absolutely guarantee that a server won't be hijacked,
but that's no argument for the current system where all IP addresses are
presumed innocent. Barring perfection, you can have a system where you do
have some assurance of trustworthiness. The very minimum standard should be
that you know who's responsible for the server.
Where is the analysis that it won't scale? It seems to me that the
current system where AOL has to block 2 billion spams a day is the
one that has high overhead.
The blocking of 2 billion spams a day is not scalable. Trust me,
I worked there, and I helped create the first generation of the
anti-spam controls that were used. We ended up having to write our
own MTA in order to get the level of control we needed.
I don't get what point you're trying to make here. If we have an effective
system for deterring spam, that's going to reduce the load on the servers.
However, this issue is not relevant to the subject of whether or
not they decide to trust a given set of IP addresses, or refuse to
trust a different set of IP addresses. The concept as a whole is not
scalable, regardless of which trust model is employed.
Analysis, please. And define "scalable" please. I see there's overhead but
it looks to me that the overhead scales linearly and the work can be
distributed among servers rather easily.
Also, remind me what scalable solution to spam you are for. If I recall
correctly, you're against RMX, challenge-response, as well as PKI
authentication. So what solution are you for? Does it have less overhead
than authentication?
But I won't give up on authentication, because without it all the
other proposals are a joke. The criminals will run their own name
servers and abuse any consent-framework.
Right, and they'll be perfectly happy to be completely
authenticated and identifiable. And they'll exist in other countries
where you can't touch them legally, and you're right back where you
were.
If it turns out that some countries decide to become spam havens, then there
are means for controlling that. Systems that require cash up front (e.g.
www.bondedsender.org) do not require cooperation of the authorities in
another country to enforce agreements nor particularly strong identity
requirements. And there are other ways.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg