ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: 6. Proposals: LMTP proposals]]

2004-03-30 16:32:48
Fridik,

I agree with your points,  however, I believe the issue of compromised
machines is outside the scope of SMTP.   The question becomes how these did
machines become compromised in the first place. That is an different issue
outside of SMTP.

If the question is "How can we use SMTP to detect compromised machines?"
then once again, like everything else it all boils down to two things:

       - Trusted Clients (who can we trust and how?)
       - Authentication (who is sending the mail and for whom?)

I am full agreement that the SMTP protocol can not by itself solve the
spammer problem.  In it present form, it will take a suite of ideas and
solutions each based on validation of each state point or combo of state
points.

A 100% (technical) solution to the access/authentication problem can be
achieved but not in the present form of SMTP or more specifically, support
for ESMTP extensions which means modifications to software.  (Note, I am not
attempting in any way, shape or form interpreting what is consider spam.  I
am purely looking at this as an access/authentication issue at the protocol
level).

Outside of this, with no change to SMTP or SOFTWARE,  I can only see an
utopian solution using a new Central Authority Network (farm) controlled by
some entity or group in association with the internet backbone.  My uplink
(UUNET) may adhere to this and if we want to offer a mail server on our
system,  we must comply with the network using compliant software, and
registration with the network, etc.   Don't believe it can't happen.  All is
takes a good proposal presentation to convince the big dogs to do this - in
the name of security and CyberTerrorism.   Never mind spam.

---
Hector Santos, CTO
WINSERVER "Wildcat! Interactive Net Server"
support: http://www.winserver.com
sales: http://www.santronics.com



----- Original Message ----- 
From: "Fridrik Skulason" <frisk(_at_)f-prot(_dot_)com>
To: <asrg(_at_)ietf(_dot_)org>
Sent: Monday, December 01, 2003 1:07 PM
Subject: Re: [Asrg] Re: 6. Proposals: LMTP proposals]]


Adding security in one are of the network changes the cost-benefit
ratio for attacks in other areas of the network.  This is a very
different statement than what you made.

It seems you have misunderstood me - this is exactly what I was saying.
If LMAP (or something like that) gets adopted, spammers will change their
strategy to stay in business.  One of the strategies not affected by
LMAP is the use of compromised machines - therefore I fear that we will
see an increase in their use in the future.

In other words, widespread implementation of LMAP (which would be a
good
thing) would lead to more compromised machines (which would be a bad
thing) ;-)

 Tough sh*t for them.

Nice to see how concerned you are about security.

By the same argument, I shouldn't put locks or an alarm in my house,
because that encourages thieves to go after my neighbour, instead of
me.

Now this is just stupid.  I am not arguing that something like LMAP
should not be implemented....quite the contrary - I would love to see
something like that widely adopted.  All I am saying is that by itself,
it may not have much effect on the overall spam volume - the spammers
will switch to other methods, and to handle those we need different
solutions.

-- 
Fridrik Skulason   Frisk Software International   phone: +354-540-7400
Author of F-PROT   E-mail: frisk(_at_)f-prot(_dot_)com       fax:   
+354-540-7401

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg




_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>
  • Re: [Asrg] Re: 6. Proposals: LMTP proposals]], Hector Santos <=