ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Certificates

2004-04-25 15:17:14
from [Seth Breidbart] [Permanent Link] 
gep2(_at_)terabites(_dot_)com wrote:


 In deciding which email to receive (or allow to bypass strong
filtration), would you trust an irrevocable certificate from TrustE?
How about one from Verislime?  How about a revocable certificate from
Spamhaus?

If you want your email to be received, which of those would you buy?


The bottom line, again, is that certificates (like SPF) ultimately
DO NOT SOLVE THE PROBLEM of spamming for the terribly simple and
obvious reason that machines possessing valid certificates will be
infected by spambot zombies (in fact, since they're "certificated"
they will be widely sought-after zombie targets).


And about 40 seconds after they start spewing, spamhaus revokes their
certificate.


So your "certificate-approved" machine gets infected, and now it's
pumping out "certificate-guaranteed" spam like there's no tomorrow.


For 40 seconds, maybe.


Certificates, like SPF, E-postage, and other such lame ideas, simply
don't solve the problem.  They do NOT guarantee that mail is, or is
not, spam.


No, but they can help reduce the amount of mail that's misclassified.


The nice thing about my approach... don't allow most users
(i.e. those users without a GENUINE, AGREED NEED) to send you
HTML-burdened mails (force the mail to plain ASCII text) and
similarly don't allow most users (other than those you've negotiated
with and approved in advance) to send you attachments (and open that
window, guardedly, for only a few trusted senders and a few specific
attachment types).

THEN, for the stuff that has gotten through (and where most of the
tricks for obscuring content have been denied to the sender), you
put it through a good content filter which will identify the stuff
as spam if it looks like spam.


There don't seem to be any such content filters that are good enough
now; requiring them as part of your solution doesn't make your
solution any more viable.


My scheme virtually eliminates spams and worms being sent
successfully (to ME at least) in E-mails,


"virtually"?  How do they ever get through?


Making that first filtering of the HTML junk happen also greatly
increases the effectiveness of the content filtering of what's left,
since there are very many fewer tricks left available to spammers
and abusers for obscuring the true content of their unwanted
messages.


When it's necessary, they'll find more, just like they always have.

Seth

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Re: Answering a lot of questions about e-postage in a few sentences, der Mouse
Next by Date:  Re: [Asrg] My take on e-postage, Jonathan Morton
Previous by Thread:  [Asrg] Certificates, gep2
Next by Thread:  [Asrg] My take on e-postage, Jonathan Morton
Indexes:  [Date] [Thread] [Top] [All Lists]