
RE: [Asrg] 4. Survey of Solutions - Methods of Authentication -Trojans

2003-11-30 17:47:22

I have written about this in another thread, but I think it is worthy of
repeating.


1. Verifying that the sending IP address is a legit MTA.
PROBLEM: Spammers use hacked or virus infected machines to send spam.

Re: Trojans, hacked machines, broken formmails etc....

All areas of the internet must be tightened to minimise the impact of such
attacks, we cannot do that alone!

Most (not all) spammers are laymen, they rely on other people's software to
do the job for them.

If anyone thinks spammers will move en masse to trojan systems to continue
their habit, I believe they are sadly mistaken.

They spam currently because they can. But if it means becoming technically
savvy and deliberately hacking into other people's machines, I doubt many
will follow this path.

How many trojan writers will advertise their wares on a commercial
basis?

Some, I am sure, but not enough to return the Internet to the bad old days,
err... today!

IN SUMMATION

This is a problem that will continue ad infinitum but not on the scale that
we see Spam today.


Regards
Chris



-----Original Message-----
From: asrg-admin(_at_)ietf(_dot_)org 
[mailto:asrg-admin(_at_)ietf(_dot_)org]On Behalf Of Yakov
Shafranovich
Sent: Sunday, November 30, 2003 6:45 PM
To: ASRG
Subject: [Asrg] 4. Survey of Solutions - Methods of Authentication


I wanted to start this thread to discuss different methods of
authentication in email. All of these simply prove that the sender is
authentic increasing traceability and reducing forgery, they do not stop
spam by themselves. However, they force spammers into a corner, where
they can be dealt with easier.

It seems to me that we have the following (this will hopefully become a
draft):

1. Verifying that the sending IP address is a legit MTA.
PROBLEM: Spammers use hacked or virus infected machines to send spam.
SOLUTION: Allow the owner of the IP address to indicate that this
specific address cannot be used for sending email.
EXAMPLES: MTA Mark, centralized white lists for IP addresses (carrot and
stick), digital certificates,
ISSUES: Many users are not necessarily the real IP address owners.
Centralized systems have DDOS and power-grab issues. DNS-based solutions
have security issues.
SPAMMER WORKAROUNDS: Having a spammer friendly ISP, hacking DNS servers,
cache poisoning. Use a hacked computer that is legit.

2. Verifying that the sending IP address has permission to send email
for the domain that it used in HELO and MAIL FROM commands.
PROBLEM: Spammers tend to use return addresses of other valid domains in
order for their email to appear legitimate OR on purpose in order to
cause problems to the domain owner ("joe-job").
SOLUTION: Allow the owner of the domain, or a trusted third party, to
specify which IP addresses are authorized to send email for that domain.
EXAMPLES: LMAP, DRIP, digital signatures and certificates, manual white
listing
ISSUES: Centralized systems have DDOS and power-grab issues. DNS-based
solutions have security issues.
SPAMMER WORKAROUNDS: Owning their own domains. Stealing someone else's
DNS, cache poisoning. Use a hacked computer that is legit.

3. Verifying that the sender's email address used in MAIL FROM is valid.
PROBLEM: Many times the spammers forge the originator's email address in
order to avoid bounces, to avoid detection, or for "joe-jobbing".
SOLUTION: Have the sender's MTA or the sender himself verify his
validity, use a centralized system for verification.
EXAMPLES: C/R and CRI, RCPT TO callback, digital signatures
ISSUES: Centralized systems have DDOS and power-grab issues. Existing
MTAs tend not to cooperate with callbacks. Users do not want to answer
C/R challenges. Anonymous email is killed.
SPAMMER WORKAROUNDS: Using someone else's valid email address, use their
own domains that answer "yes" to all callbacks and C/R challenges.

4. Verifying that the sender actually sent this specific email message.
PROBLEM: Many times the spammers forge the originator's email address in
order to avoid bounces, to avoid detection, or for "joe-jobbing".
SOLUTION: Have the sender's MTA or MUA verify that the sender actually
sent the message in question. Have the sender digitally sign each message
or provide an e-postage token in each message, with verification via a
centralized system.
EXAMPLES: CRI, MSG-TRACK, digital signatures, e-postage
ISSUES: Centralized systems have DDOS and power-grab issues. Existing
MTAs have no support for this ability. This increases traffic and opens
a possibility for DDOS attacks. Anonymous email is killed.
SPAMMER WORKAROUNDS: Operating their own email server, steal someone
else's account or falsely register in a centralized database. Use a
hacked computer that is legit.

5. Verifying that the sender is actually human and not a machine.
PROBLEM: The inherent issue with email is that it is generated by
machines which can pump out bulk email very fast.
SOLUTION: Force senders to verify their "humanity" every so often OR for
every message, or use a centralized system.
SOLUTIONS: C/R and CRI with Turing tests, digital signatures and e-postage
ISSUES: Centralized systems have DDOS and power-grab issues. Turing
tests do not work for the disabled. This increases traffic and opens a
possibility for DDOS attacks. Anonymous email is killed. Users do not
like to go through verification. Mailing lists have big problems.
SPAMMER WORKAROUNDS: Hire cheap humans (developed countries) or trick
humans (free porn sites with Turing tests). Develop software to get
around Turing tests. Steal someone else's account or falsely register in
a centralized database.

6. Verifying that the sender is a legit human, and not a spammer.
PROBLEM: Even verifying that the sender is human does not mean he is not
a spammer.
SOLUTION: Use a reputation system or a centralized database.
SOLUTIONS: Digital signatures and certificates, "Internet license"
ISSUES: Centralized systems have DDOS and power-grab issues.
SPAMMER WORKAROUNDS: Steal someone else's account or falsely register in
a centralized database. Use a hacked computer.

Comments?

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"And this too shall come to pass"
-------


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
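Item 2 of the survey (the domain owner publishes which IP addresses may send mail for the domain, and the receiving MTA checks the connecting IP against that list) is the one mechanism in the thread that is concrete enough to show as code. The example below is added here and is not code from the thread, from LMAP, or from any listed project. It assumes an invented, SPF-like record syntax ("v=policy1 ip4:... -all"), an in-memory dictionary standing in for DNS TXT lookups, and RFC 5737 documentation addresses and example.* domains as constructed sample data. It also makes the point from the ISSUES and SPAMMER WORKAROUNDS lines visible: a "pass" only proves the IP was authorized by the domain, so a compromised but authorized host passes, and a domain that publishes nothing yields no conclusion at all.

```python
"""Simplified sender-domain authorization check (illustration, not LMAP/SPF).

Assumptions, none of which come from the original thread:
  * the record syntax 'v=policy1 ip4:<net> ... -all' is invented here;
  * FAKE_DNS replaces real DNS TXT lookups;
  * all IPs are RFC 5737 documentation addresses, all domains are example.*.
"""
import ipaddress

# Constructed stand-in for DNS TXT records published by domain owners.
FAKE_DNS = {
    "example.com": "v=policy1 ip4:192.0.2.0/24 ip4:198.51.100.7 -all",
    "mx.example.com": "v=policy1 ip4:192.0.2.0/24 -all",
    "example.net": "v=policy1 ip4:203.0.113.10 ~all",        # soft fail
    "bad-syntax.example": "v=policy1 ip4:not-an-address -all",
}


def lookup_policy(domain):
    """Return the published policy string for a domain, or None if none."""
    return FAKE_DNS.get(domain.lower())


def parse_policy(record):
    """Parse a record into (authorized networks, default result).

    Raises ValueError on malformed records so the caller reports 'permerror'
    instead of silently passing or failing the message.
    """
    terms = record.split()
    if not terms or terms[0] != "v=policy1":
        raise ValueError("unknown policy version")
    networks = []
    default = "neutral"
    for term in terms[1:]:
        if term.startswith(("ip4:", "ip6:")):
            # strict=False lets '198.51.100.7' become a /32 network.
            networks.append(ipaddress.ip_network(term[4:], strict=False))
        elif term in ("-all", "~all", "?all"):
            default = {"-all": "fail", "~all": "softfail", "?all": "neutral"}[term]
        else:
            raise ValueError(f"unsupported term {term!r}")
    return networks, default


def check_sender(client_ip, domain):
    """Evaluate a connecting IP against the domain's published policy.

    Results: 'pass' (IP authorized), 'fail' / 'softfail' / 'neutral'
    (domain's stated default), 'none' (no policy published), 'permerror'
    (policy unparseable). 'pass' says nothing about the content: a hacked
    machine inside an authorized network still passes.
    """
    record = lookup_policy(domain)
    if record is None:
        return "none"
    try:
        networks, default = parse_policy(record)
    except ValueError:
        return "permerror"
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in networks):
        return "pass"
    return default


def domain_of(address):
    """Domain part of a MAIL FROM address; '' for the null sender '<>'."""
    if "@" not in address:
        return ""
    return address.rsplit("@", 1)[1].rstrip(">")


def evaluate_session(client_ip, helo, mail_from):
    """Check both identities the thread names: the HELO host and MAIL FROM."""
    helo_result = check_sender(client_ip, helo)
    mf_domain = domain_of(mail_from) or helo   # null sender: fall back to HELO
    return {"helo": helo_result, "mailfrom": check_sender(client_ip, mf_domain)}


if __name__ == "__main__":
    # Legitimate relay of example.com, then a forged MAIL FROM from elsewhere.
    print(evaluate_session("192.0.2.25", "mx.example.com", "alice@example.com"))
    print(evaluate_session("203.0.113.99", "mail.spammer.example", "bob@example.com"))
```

The receiving MTA would apply this at MAIL FROM time, before accepting any message data, which is what makes item 2 cheap compared with the per-message checks in items 3 and 4. The three non-pass outcomes matter for the "ISSUES" line: "none" leaves the receiver exactly where it was before the scheme existed, and "permerror" must not be treated as "pass", or a badly published record becomes a way to authorize anyone.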




