gep2(_at_)terabites(_dot_)com wrote:
> Or, alternatively, the problem SPF "solves" is NOT the spam
> problem, nor is it the worm problem.
Yes, that's true, SPF attacks the problem of forged MAIL FROM
addresses and forged HELO domains. It's indirectly related to
spam and worms at the moment, like open relays were related to
the spam problem some years ago.
> as long as authenticated machines can be infected and
> recruited to send "authenticated" worm/spam messages, SPF
> and similar schemes do very little to prevent such things
It allows finding the relevant abuse desk fast, not too shabby.
All these weird challenges / out-of-office / vacation mails
won't hit innocent bystanders, if many receivers support SPF.
"Many" is good enough, spammers and worm authors won't waste
their time with something not working at say AOL or behind SA.
> undoing the DAMAGE that SPF has done
There's no "damage", if you don't like it just don't publish a
sender policy.
>> your "solution" is to get rid of MIME multipart resp.
>> text/html, and mails bigger than 12 KB.
> No, not at all.
You said so in <200411280518(_dot_)AAA23560(_at_)ietf(_dot_)org> :
| default is to (by default) not accept messages that:
| (1) are bigger than some limited size (say 10K-25K),
| (2) contain attachments, and/or (3) contain HTML
12,000 bytes is a limit in my own "popstop" script, but it's
within your size limits.
> Once the contact has been made, and the recipient trusts the
> sender, *if* there is going to be an extended correspondence,
> then the recipient can enable ONLY JUST the type of
> bulkier/riskier content that they agree
Okay, in fact I have "special" addresses (not nobody(_at_)xyzzy)
where I don't limit the size, and don't look for any TV or UE
starting a base64 attachment (poor man's AV, credits to John).
But the UBE still sits there in my POP3 mailbox waiting for an
over quota or my script. And many of the bounces and all other
crap caused by forged addresses were relatively small.
> With widespread adoption
That's the problem of all FUSSPs. As you see I have no problem
mixing different ideas, as far as that's possible for a normal
POP3 user without the root password for the MX of his provider.
Bye, Frank
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
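
The 12,000-byte limit and the "TV"/"UE" base64 check mentioned in the message above, sketched in Python as an added example; it is not the poster's "popstop" script, which is not shown on the page. The function names and the sample messages are constructed for illustration.

```python
from email import message_from_bytes
from email.message import EmailMessage

SIZE_LIMIT = 12_000            # byte limit mentioned in the post
RISKY_PREFIXES = ("TV", "UE")  # base64 of "MZ" (DOS/Windows EXE) and "PK" (ZIP)


def check_message(raw):
    """Return the reasons to hold back a raw message; an empty list means accept."""
    reasons = []
    if len(raw) > SIZE_LIMIT:
        reasons.append("size")
    for part in message_from_bytes(raw).walk():
        if part.is_multipart():
            continue  # containers have no body of their own
        cte = str(part.get("Content-Transfer-Encoding", "")).strip().lower()
        if cte != "base64":
            continue
        # Inspect the undecoded body: only its first two base64 characters matter.
        prefix = part.get_payload(decode=False).lstrip()[:2]
        if prefix in RISKY_PREFIXES:
            reasons.append(f"base64 body starts with {prefix}")
    return reasons


def build_sample(text, attachment=None):
    """Constructed test message (not real mail): text body plus optional attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "rcpt@example.net"
    msg["Subject"] = "constructed sample"
    msg.set_content(text)
    if attachment is not None:
        # Binary attachments are base64-encoded by the email package.
        msg.add_attachment(attachment, maintype="application",
                           subtype="octet-stream", filename="sample.bin")
    return msg.as_bytes()


if __name__ == "__main__":
    samples = {
        "exe": build_sample("hello\n", b"MZ\x90\x00\x03\x00\x00\x00"),
        "zip": build_sample("hello\n", b"PK\x03\x04\x14\x00\x00\x00"),
        "png": build_sample("hello\n", b"\x89PNG\r\n\x1a\n"),
        "big": build_sample("line\n" * 3000),
    }
    for name, raw in samples.items():
        print(name, check_message(raw))
```

The two-character prefix pins down only the first 12 bits of the decoded data, so some harmless base64 bodies will match as well.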