ietf-asrg

Re: [Asrg] Re: 6. Proposals: MTA MARK

2003-12-10 15:35:42
David Maxwell wrote:

On Wed, Dec 10, 2003 at 02:51:11PM +0200, Tomi Panula-Ontto wrote:

True, but actually, MTAMark and ReverseMX don't address the issue of
hijacked computers completely. It merely changes the situation so that
the hijacked computer will not take direct connections to the receiving
MTAs, but instead spammers must try
a) to make the hijacked computers send messages via registered MTA for that network
b) hijack the dns server (to register that hijacked computer)
c) hijack the registered MTA
d) any ideas?

Anyway, it'll limit their possibilities and will target their efforts
on compromising the MTAs, workstations and DNS servers.


The key is:

MUA running machines are maintained by end-users.
MTA/DNS running machines are maintained by network administrators.

The MTA/DNS machines are likely to be orders of magnitude more safe from
attacks, due to correct configuration, choice of OS, up to date patch
sets...


There are also things like rate limiting which can help with the ISP's MTA. As for DNS threats, if the DNS system begins to get attacked, this will provide an incentive towards securing it (via DNSSEC, or some other way). Threats to DNS are not really within our scope, and are being handled by one of the DNS WGs.

But you are correct in stating that spammers will seek other means, and their unholy alliance with virus/worm writers, as well as hackers, will definitely increase in size. This is something that general network security folks have to worry about, and is out of the scope for this.

Nevertheless, this issue should be mentioned in some document, so we are aware of it, but it is not a reason against implementing something.

Yakov

-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety" (Benjamin Franklin)
-------

