ietf-asrg

Re: [Asrg] 0. General

2004-03-30 16:32:40
At 1:18 PM -0400 2003/10/23, David Maxwell wrote:

        That's fine, but keep in mind that this has collateral damage
        consequences.

 It's my choice to accept those consequences - it's _my_ consent
 decision.

That's fine -- up until the time where you tell other people that they should be doing the same thing.

If you want to insert lit explosive devices into your body, that's one thing. But when you start encouraging other people to do the same, that's totally different.

 That's not an abuse of DRIP. DRIP provides a layer upon which I can add
 a white/grey/blacklist by domain. Without DRIP (or RMX, etc), I cannot
 whitelist by domain, since spammers can forge spam claiming to be from
 one of the domains I whitelist.

They could do that anyway. Remember the previous discussion of DNS cache poisoning? Even if your servers are immune to cache poisoning, what are the odds that the advertised nameservers of all your whitelist domains are also secure?

 Many of the viruses forge email source. If they didn't, I could easily
 contact the sender and tell them to clean up their machine.

Just forge the username. Unless you contact the system administrator at that ISP and get them to match the username against the IP address at that particular time, you'd never know (that's assuming they have accurate logs for that time, or that they're willing to do this for you since you're not a paying customer). Or, forge the username within any of the other domains which are hosted by those machines.

Of course, another issue with open caching/recursive servers is that you can get anyone in the world to effectively host your domain for you, and combined with wildcards they could appear to be hosts for virtually all domains on the Internet.

 I'm not rejecting the mails in the SMTP phase - so the RFC specs are not
 relevant - however, the fact that I cannot implement
 white/grey/blacklists leaves content inspection as the only method to
 identify spam. That 'guesswork' takes a lot of CPU time, and gives me a
 very non-deterministic answer anyway.

You're going to be forced to do that anyway. You're just going to force the spammers to get that bit more crafty to by-pass your so-called protection mechanisms.

--
Brad Knowles, <brad(_dot_)knowles(_at_)skynet(_dot_)be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
    -Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg


