ietf-asrg
[Top] [All Lists]

Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"

2003-12-08 14:55:31
Alan DeKok wrote:
Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:

Having the ability of someone else vouch for a domain, is another advantage of this approach (DK) over LMAP,


  Current blacklists can be viewed as a way of third parties vouching
for a domain.  The MTAMark proposal is similar.

  Though the various documents don't say so, there's nothing to stop
an MTA from looking up LMAP information in a third-party database,
too.  e.g.  "domain.com._lmap_.example.com", or
"4.3.2.1.domain.com._lmap_.example.com"

  Hmm... I'll add that to the discussion document as a possible method
of blacklisting domains which are known to host spammers.  Leveraging
the LMAP infrastructure for a domain-based blacklist just makes
sense...

Domain black-lists aren't particularly useful, because domains are cheap enough to register that spammers could send one load of spam from a given domain and then abandon it. If a spammer is stupid enough to stick around, or they have some pretense of legitimacy, then a blacklist could have some effect.

I thought the point was that white lists would become meaningful because people couldn't ride on someone else's good reputation, as they can now, and service providers could be held accountable for bad users sending mail within their domain.

Philip Miller


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg