I would like to pose a question to the group. The IP address of the
incoming MTA is the only sure thing that we possess today that cannot be
easily spoofed (BGP attacks aside). There are numerous blacklist and
reputation services out there that carry and store information about IP
addresses. With an LMAP-type proposal like DRIP, this information can
also be keyed by domain name.
All of this implies that reputation services such as blacklists will
continue to exist. However, a major problem with these services has been
that they provide a binary yes/no answer. Many commercial ISPs would
like to make the decisions themselves. Filters such as SpamAssassin would
probably be better off basing data on a larger scale than a simple yes
or no.
Taking all of this into account, I ask the following:
1. Is it feasible to develop a standard format and protocols for storing
and querying data from reputation services?
2. Is it feasible for such a format to be feature-rich, providing more data
than a simple yes/no? Meng Wong of SPF proposed on his list a while back
something like how many messages sent by MTA, how many were spam, etc.,
akin to what SenderBase does.
3. Can this be supplemented by accreditation formats and protocols?
4. Would any of this improve blacklists?
5. Would all of this reduce spam?
Feel free to forward this message to other lists, and NANAE.
Yakov
-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my
tongue." (MIT's 404 Message)
-------