
[Asrg] Certificates

2004-04-24 20:37:04
 In deciding which email to receive (or allow to bypass strong
filtration), would you trust an irrevocable certificate from TrustE?
How about one from Verislime?  How about a revocable certificate from
Spamhaus?

If you want your email to be received, which of those would you buy?

The bottom line, again, is that certificates (like SPF) ultimately DO NOT SOLVE
THE PROBLEM of spamming for the terribly simple and obvious reason that machines
possessing valid certificates will be infected by spambot zombies (in fact,
since they're "certificated" they will be widely sought-after zombie targets).

So your "certificate-approved" machine gets infected, and now it's pumping out
"certificate-guaranteed" spam like there's no tomorrow.  And that "certificated"
mail is sailing past all the spam filtration.

Certificates, like SPF, E-postage, and other such lame ideas, simply don't solve
the problem.  They do NOT guarantee that mail is, or is not, spam.

The sad part is that they don't really even come close to that.

The nice thing about my approach... don't allow most users (i.e. those users 
without a GENUINE, AGREED NEED) to send you HTML-burdened mails (force the mail 
to plain ASCII text) and similarly don't allow most users (other than those 
you've negotiated with and approved in advance) to send you attachments (and 
open that window, guardedly, for only a few trusted senders and a few specific 
attachment types).

THEN, for the stuff that has gotten through (and where most of the tricks for 
obscuring content have been denied to the sender), you put it through a good 
content filter which will identify the stuff as spam if it looks like spam.

It ultimately doesn't much matter if the last ten messages (or a thousand) that
sender sent were legitimate.  And if they're SPF-certified, and
certificate-guaranteed too.  If this one (possibly sent post-infection) is spam,
it gets nailed.  As it should.

That's part of what's good about my system.  It doesn't much care who guarantees
(or used to) that the sender was once (and maybe still is) a good guy.  Even
"good guys" need to respect the limited size of my Inbox, and not waste my
resources, and also respect the other policies I've established for what I'm
willing to allow them to send me.  If they don't play by my rules, then with
very high likelihood they don't get access to my E-mail Inbox.  PERIOD.

My scheme virtually eliminates spams and worms being sent successfully (to ME at
least) in E-mails, and to a very large degree regardless of who the sender is
(whether supposedly, or in fact).

My scheme also will reduce (received/stored) spam volumes (compared to today's 
HTML-burdened spam volumes) by something like 70-80%, simply by virtue of 
t-canning the worthless and superfluous HTML-burdened component.  (While still 
allowing HTML-burdened mail from those occasional senders that have made a 
genuine, compelling argument for it that convinces me to open the (MY!) window 
wide enough to let THEIR use of it through.)

Making that first filtering of the HTML junk happen also greatly increases the
effectiveness of the content filtering of what's left, since there are very many
fewer tricks left available to spammers and abusers for obscuring the true
content of their unwanted messages.

So many of these unworkable/ineffective antispam schemes are being proposed that
simply DO NOT SOLVE THE PROBLEM since they presume that "good guys" are always
really "good", that spammers only send from "bad" machines, that machines with
"certificates" cannot be zombie-ized, that spammers must of course use bogus
From: addresses, or even that they send from their own machines at all.  What
crazy la-la land are such deluded engineers living in, anyhow?  Talk about a
serious case of denial!

Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections!  http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
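
Added example, not part of the original post and not the poster's own code: a Python sketch of the recipient-side policy the message describes, reducing every mail to plain text and keeping attachments only for senders and types agreed in advance, before the content filter sees it. The `PERMISSIONS` table, the function names, keying the lookup on the From: header, and the sample message are all assumptions made for illustration; the content filter itself is not shown.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser

# Hypothetical allow-list: sender -> attachment types agreed in advance.
PERMISSIONS = {"printer@example.org": {"application/pdf"}}

class _Visible(HTMLParser):  # collects reader-visible text, skips script/style
    def __init__(self):
        super().__init__()
        self.chunks, self.hidden = [], 0
    def handle_starttag(self, tag, attrs):
        self.hidden += tag in ("script", "style")
    def handle_endtag(self, tag):
        self.hidden = max(0, self.hidden - (tag in ("script", "style")))
    def handle_data(self, data):
        if not self.hidden:
            self.chunks.append(data)

def html_to_text(html):
    parser = _Visible()
    parser.feed(html)
    parser.close()
    return " ".join("".join(parser.chunks).split())

def enforce(msg, permissions=PERMISSIONS):
    """Return (text handed to the content filter, attachments kept, parts dropped)."""
    allowed = permissions.get(parseaddr(msg["From"])[1].lower(), set())
    plain, html, kept, dropped = [], [], [], []
    for part in msg.walk():  # multipart containers match no branch below
        ctype, name = part.get_content_type(), part.get_filename()
        if name or part.get_content_disposition() == "attachment":
            (kept if ctype in allowed else dropped).append(name or ctype)
        elif ctype == "text/plain":
            plain.append(part.get_content().strip())
        elif ctype == "text/html":
            html.append(part.get_content())
            dropped.append(ctype)  # markup itself never reaches the inbox
    return ("\n".join(plain) or html_to_text(" ".join(html))), kept, dropped

def sample(sender):  # constructed message: plain + HTML alternative, PDF, EXE
    m = EmailMessage()
    m["From"], m["Subject"] = sender, "Invoice"
    m.set_content("Invoice attached.")
    m.add_alternative("<style>p{}</style><p>Inv<!-- x -->oice attached.</p>", subtype="html")
    m.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf", filename="inv.pdf")
    m.add_attachment(b"MZ", maintype="application", subtype="octet-stream", filename="inv.exe")
    return m
```

The text returned first is what the later content filter would score, so a word split by an HTML comment is already rejoined by the time it is examined.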


