Markus Stumpf wrote:
> On Tue, Dec 09, 2003 at 04:31:20PM -0500, Yakov Shafranovich wrote:
> [..]
>> But your underlying objection is correct - headers get changed and added
>> all the time. The question would be whether that will significantly
>> affect this scheme and how to deal with it. Signing a select group of
>> headers AND requiring MTAs that send signed messages to have those
>> headers present might be one way of it.
>
> What I see as a problem is:
> Imagine a header
>     X-Signature: mail.example.com; sign=439KJHD9087KJKLHKJ7LKJJLK
> Now I can check back with mail.example.com and validate the sign. Fine.
> A spammer can now simply use that and it will be ok for everyone.
>
> Now I want more security. Thus I need some variable token. One
> possibility would be to use a date and give messages a lifetime.
>     X-Signature: mail.example.com; date=20031209-23:06:17;
>         sign=439KJHD9087KJKLHKJ7LKJJLK
> Now the signature would be calculated using "mail.example.com" and the
> variable part "20031209-23:06:17". If it matches "439KJHD9087KJKLHKJ7LKJJLK"
> the message will be accepted. A spammer can now simply use that very
> line and it will be ok for everyone, at least until some expiration
> date. However that has to be at least some days to compensate for
> poorly configured hosts with wrong times or for message delays on relay
> SMTP servers or the like. For a spammer it is rather easy to get a
> valid line that is still valid for say 5 days: subscribe to any mailing list
> and the records are delivered right to your mailbox.

Let's say that a spammer does do a replay attack. Wouldn't signing the
message (body and headers) force the spammers to be able to send
identical spams if they want them to appear to come from that domain?
Wouldn't that also mean that systems that rely on identical spam content
such as DCC, would be able to catch the spams easier?

What it seems to me now, is that this proposal is not meant to be by
itself, it rather addresses only certain points and tricks that spammers
use. But cutting away the ability to joe-job a site unless you want to
send all of your messages as identical, would definitely help somewhat.

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my
tongue." (MIT's 404 Message)
-------
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
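
The difference between the two schemes discussed in this message, as an added example that is not part of the original post or of any ASRG proposal: a signature over domain and date alone verifies on any message that carries it, while one that also covers selected headers and the body verifies only on identical content. HMAC-SHA256, the key, the header canonicalization, the function names and the sample messages are assumptions made for illustration; the thread does not specify an algorithm.

```python
import hashlib
import hmac
from datetime import datetime, timedelta

# Assumptions (not from the thread): HMAC-SHA256 stands in for the unspecified
# signature algorithm; KEY and all messages below are constructed samples.
KEY = b"constructed-demo-key"
MAX_AGE = timedelta(days=5)  # lifetime window, as in the "5 days" case above
FMT = "%Y%m%d-%H:%M:%S"

def _mac(*parts: bytes) -> str:
    # Length-prefix each field so boundaries between fields cannot shift.
    data = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()

def sign_token(domain, date):
    """Signature over domain and date only (the X-Signature line quoted above)."""
    return _mac(domain.encode(), date.encode())

def sign_message(domain, date, headers, body):
    """Signature that also covers a selected header set and the body."""
    canon = "\n".join(f"{k.lower()}:{v.strip()}" for k, v in sorted(headers.items()))
    return _mac(domain.encode(), date.encode(), canon.encode(), body.encode())

def fresh(date, now):
    return abs(now - datetime.strptime(date, FMT)) <= MAX_AGE

def verify_token(domain, date, sig, now):
    return fresh(date, now) and hmac.compare_digest(sig, sign_token(domain, date))

def verify_message(domain, date, sig, headers, body, now):
    expected = sign_message(domain, date, headers, body)
    return fresh(date, now) and hmac.compare_digest(sig, expected)

def demo():
    domain, date = "mail.example.com", "20031209-23:06:17"
    now = datetime(2003, 12, 11, 9, 0, 0)
    hdrs, body = {"From": "list@example.com", "Subject": "digest"}, "List post.\n"
    other_hdrs, other_body = {"From": "list@example.com", "Subject": "other"}, "Different text.\n"
    tok = sign_token(domain, date)
    sig = sign_message(domain, date, hdrs, body)
    return {
        # Token check never sees the content, so any message carrying it passes.
        "token_on_other_message": verify_token(domain, date, tok, now),
        "token_after_expiry": verify_token(domain, date, tok, now + timedelta(days=10)),
        "bound_on_original": verify_message(domain, date, sig, hdrs, body, now),
        "bound_on_other_message": verify_message(domain, date, sig, other_hdrs, other_body, now),
        "bound_on_identical_copy": verify_message(domain, date, sig, dict(hdrs), body, now),
    }
```

The identical-copy case still verifies inside the lifetime window, which is the residual replay the reply expects content-matching systems such as DCC to catch.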