
Re: [Asrg] 6. Proposals - DNS + PKI - Yahoo's "Domain Keys"

2003-12-09 17:29:19
At 02:15 PM 12/9/2003, Markus Stumpf wrote:
<...>
I'm not making a case that signing is better or worse than
LMAP, SPF, or similar approaches.  I really don't know so
there is no hidden polemic here.  I just have some questions
and comments.


What I see as a problem is:

Imagine a header
   X-Signature: mail.example.com; sign=439KJHD9087KJKLHKJ7LKJJLK
Now I can check back with mail.example.com and validate the sign. Fine.
A spammer can now simply use that and it will be ok for everyone.

A clarification...

          +---------------+             +---------------+
          | UA.o -> MTA.o | -> MTA.i -> | MTA.r -> UA.r |
          +---------------+             +---------------+

Are you saying that MTA.o signed it and a spammer captured
the message and resent it?  Was it resent from MTA.o or from
some other domain or does this not matter?

If the spammer sends from MTA.o, then wouldn't we expect MTA.o
to have a policy to not forward mail that it had previously
signed?

If it comes from some MTA.x then a legitimate MTA.x might
reasonably have a policy of not forwarding mail signed by
some MTA.o unless (1) it has some MTA.i relationship
with MTA.o, which will rarely be the case, and
(2) it was in fact received from MTA.o.

If MTA.x is not legit, then won't MTA.r make a determination
on the validity of the message based on the trust it places
in the signature of MTA.x and not MTA.o?

Mark

Now I want more security. Thus I need some variable token. One
possibility would be to use a date and give messages a lifetime.
X-Signature: mail.example.com; date=20031209-23:06:17; sign=439KJHD9087KJKLHKJ7LKJJLK
Now the signature would be calculated using "mail.example.com" and the
variable part "20031209-23:06:17". If it matches "439KJHD9087KJKLHKJ7LKJJLK"
the message will be accepted. A spammer can now simply use that very
line and it will be ok for everyone, at least until some expiration
date. However that has to be at least some days to compensate for
poorly configured hosts with wrong times or for message delays on relay
SMTP servers or the like. For a spammer it is rather easy to get a
valid line that is still valid for say 5 days: subscribe to any mailing list
and the records are delivered right to your mailbox.

I do not believe that anything that depends on signing of headers only can
solve this problem. But without it the approach is useless.
And: it MUST contain the envelope sender address in the signature to
prevent sender forging.
There is no win to know that
   mail.example.com
correctly signed the fact that the email with a sender address of
   does.not.exist.and.is.abused.for.spamming@yahoo.com
was injected via mail.example.com. There has to be a relation between
mail.example.com and
   does.not.exist.and.is.abused.for.spamming@yahoo.com
that provides some kind of authorization for mail.example.com.

> It is a valid objection - I believe in cryptology this would be called
> "a replay attack". One way of dealing with it is somehow authenticating
> the actual SMTP transaction, which brings us back to LMAP.

Which is IMHO quite useless, as if the actual SMTP transaction is
between the first hop and the receiver it is clear to whom I am talking
(e.g. from DNS). If it is a multi-hop connection a replay attack is a
piece of cake.

Maybe there is somebody on this list with posting privileges to the NANOG
list who can ask for a contact to the Yahoo guys in the name of the ASRG?

        \Maex

--
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
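The replay problem argued over in this thread, as a worked example added to this archive page (it is not code from either poster, nor from Yahoo's Domain Keys). It implements the X-Signature header from the post in two variants: the "weak" one signs only the domain and the date token, the "strong" one also binds the envelope sender and a hash of the body, as Markus demands. The header syntax, the `Message` type and an HMAC with a shared key standing in for the domain's real (DNS-published) signing key are all assumptions made so the example runs with the standard library; the messages and timestamps are constructed.

```python
"""
Replay of a header-only mail signature, and what binding the envelope
sender and body to the signature does and does not fix.
Added example, not code from the ASRG thread or from Domain Keys.
HMAC with a shared key is a stand-in (assumption) for the domain's
signing key so that the example runs offline with the stdlib.
"""
import hashlib
import hmac
from dataclasses import dataclass, field

DOMAIN = "mail.example.com"                # signing domain from the post
SIGNING_KEY = b"hypothetical-signing-key"  # stand-in for the domain's key
MAX_AGE = 5 * 24 * 3600                    # five-day lifetime, as in the post
CLOCK_SKEW = 3600                          # tolerance for future-dated headers


@dataclass
class Message:
    envelope_sender: str   # SMTP MAIL FROM
    body: str
    headers: dict = field(default_factory=dict)


def _mac(payload: str) -> str:
    return hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).hexdigest()


def _body_hash(body: str) -> str:
    return hashlib.sha256(body.encode()).hexdigest()


def sign(msg: Message, date: int, strong: bool) -> str:
    """Attach an X-Signature header. strong=False signs only domain and
    date (the header from the post); strong=True also binds the envelope
    sender and a hash of the body."""
    if strong:
        bh = _body_hash(msg.body)
        payload = f"{DOMAIN}|{date}|{msg.envelope_sender}|{bh}"
        extra = f"; sender={msg.envelope_sender}; bh={bh}"
    else:
        payload = f"{DOMAIN}|{date}"
        extra = ""
    msg.headers["X-Signature"] = f"{DOMAIN}; date={date}{extra}; sign={_mac(payload)}"
    return msg.headers["X-Signature"]


def parse_signature(header: str) -> dict:
    """'domain; k=v; k=v' -> {'domain': ..., 'k': 'v', ...}"""
    parts = [p.strip() for p in header.split(";")]
    fields = {"domain": parts[0]}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        fields[key] = value
    return fields


def verify(msg: Message, now: int, strong: bool) -> bool:
    """Receiver-side check: domain, lifetime, then the signature itself."""
    header = msg.headers.get("X-Signature")
    if header is None:
        return False
    f = parse_signature(header)
    try:
        date = int(f.get("date", ""))
    except ValueError:
        return False
    if f["domain"] != DOMAIN:
        return False
    if now - date > MAX_AGE or date - now > CLOCK_SKEW:
        return False   # expired, or dated too far in the future
    if strong:
        bh = _body_hash(msg.body)
        # The header must name the sender and body actually being delivered.
        if f.get("sender") != msg.envelope_sender or f.get("bh") != bh:
            return False
        payload = f"{DOMAIN}|{date}|{msg.envelope_sender}|{bh}"
    else:
        payload = f"{DOMAIN}|{date}"
    return hmac.compare_digest(_mac(payload), f.get("sign", ""))


def replay_demo() -> dict:
    """Run the scenarios from the post for both variants; inputs are constructed."""
    t0 = 1071011177   # 2003-12-09 23:06:17 UTC, the date in the post (constructed)
    results = {}
    for strong in (False, True):
        tag = "strong" if strong else "weak"
        legit = Message("alice@example.com", "Hi Bob, lunch tomorrow?")
        sign(legit, t0, strong)
        results[f"{tag}_legit"] = verify(legit, t0 + 60, strong)

        # Spammer got the header from a mailing list and pastes it onto
        # his own message with a forged envelope sender.
        spam = Message("does.not.exist@yahoo.com", "BUY NOW", dict(legit.headers))
        results[f"{tag}_header_reused_on_spam"] = verify(spam, t0 + 60, strong)

        # The same message resent verbatim (same MAIL FROM, same body),
        # once inside the lifetime and once after it.
        copy = Message(legit.envelope_sender, legit.body, dict(legit.headers))
        results[f"{tag}_exact_replay_day4"] = verify(copy, t0 + 4 * 86400, strong)
        results[f"{tag}_exact_replay_day6"] = verify(copy, t0 + 6 * 86400, strong)

        # Spammer edits the date field to stretch the lifetime.
        stretched = legit.headers["X-Signature"].replace(f"date={t0}", f"date={t0 + MAX_AGE}")
        forged = Message(legit.envelope_sender, legit.body, {"X-Signature": stretched})
        results[f"{tag}_forged_date"] = verify(forged, t0 + MAX_AGE + 60, strong)
    return results


if __name__ == "__main__":
    for name, ok in replay_demo().items():
        print(f"{name:32s} {'accepted' if ok else 'rejected'}")
```

Binding the sender and body stops the header from being transplanted onto different mail and stops the date from being edited, but a verbatim copy of a legitimately signed message is still accepted until the lifetime runs out, which is exactly the point made in the thread: header signing on its own cannot distinguish the original delivery from a replay of it within the window.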