ietf-asrg
[Top] [All Lists]

Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]

2004-02-09 12:23:56
Alan DeKok wrote:
Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:

If the entire purpose of these proposals is to make sure that the sender is who he claims to be according to DNS information,

  I would say "has permission to claim association with a domain"

than what we could do is create an ESMTP extension to pass sender's information to the server MTA which will be verified via DNS. Since we need to change MTA software to support sender rewriting schemes, we might as well add a new extension instead, to pass that information explicitly.


  Sounds fine to me.  Can we have a show of hands from people in the
IETF who are *not* opposed to modifying SMTP?


I am not talking about modifying SMTP itself, rather adding an optional ESMTP extension to it. Servers using this extension would be whitelisted, giving people incentive to use it. Servers, that do not will be treated like they are today. The underlying SMTP protocol will not be modified in any way.

In SMTP AUTH RFC there is an AUTH parameter for the MAIL FROM command which indicates the sender. If you use some similar mechanism to pass sender information, you do not have to mess around with changing the semantics of the envelope sender that are defined in RFC 2821.

Of course, that would assume that you trust the MTA which brings us back to two separate problems:
1. We are trying to authenticate the incoming MTA.
2. We are trying to authenticate the relationsh between the sender's domain and the incoming MTA.

DRIP addresses #1, while the other LMAP proposals address #2. What I see as a problem is that sender's identity is not being explicitly given, rather it is implied from #2. I would be much happier if the incoming MTA would pass me the sender's identity and the question of authentication of MTAs would be separate.

For example, with DRIP you can tie MTAs to domains and then to a reputation service for IPs/domains of incoming MTAs. Then you would have a separate mechanism for passing the sender's identity. This would protect you from having trusted MTAs relay spam from hijacked computers since the two identities will remain separate.

  99.99% of the spam I get is forged.  Call me naive, but this says to
me that spammers believe that forgery is an important part of the
spamming process.


Well the question is, imagine is the email system had identity. Would it have made a difference?

Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Be liberal in what you accept, and conservative in what you send" (Jon Postel)
-------

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg