On Tue, 7 Jun 2005, Frank Ellermann wrote:
der Mouse wrote:
I see Message-ID:
<Pine(_dot_)LNX(_dot_)4(_dot_)62(_dot_)0506041323590(_dot_)17965(_at_)sokol(_dot_)elan(_dot_)net>
which came to me direct from elan.net, and as far as I can
tell I never got a copy of it through the list.
Nor GMaNe, so could somebody who got it (like you ;-) or sent
it (like William) please repost it ?
-------------------------------------------------------------------------
From william(_at_)elan(_dot_)net Sat Jun 4 13:40:12 2005
Date: Sat, 4 Jun 2005 13:40:12 -0700 (PDT)
From: "william(at)elan.net" <william(_at_)elan(_dot_)net>
To: der Mouse <mouse(_at_)Rodents(_dot_)Montreal(_dot_)QC(_dot_)CA>
Cc: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Re: BATV and SES - was forged bounces
On Sat, 4 Jun 2005, der Mouse wrote:
There's two reasons for that. One is that replay isn't a problem
and isn't likely to be.
You don't know it.
"Isn't a problem" - John apparently has experience as a high-profile
forgery target that says it *isn't* a problem. Do you have countering
experience to give?
"Isn't likely to be" - that's a judgement call, but, tentatively, I'd
certainly be inclined to believe him. Do you have evidence to the
contrary?
For both I suspect that John (being the only user of BATV) does not have
good "generic" data as his operations are very unique in that bounces come
to domain that has substantially no users that directly email from it.
There is simply no potential for anyone to find data for replay attack!
(nor would anyone try if he's the only one doing BATV)
But I believe that in real-life domains have 95% legitimate bounce rate
and 5% or less might be false with a LOT of users posting a lot more often
then number of bounces received and MAILFROM would often get exposed and
will be easy to find and use for replay attack.
It is exceedingly rare to see a deliberately forged bounce, and it
is hard to see a plausible scenario in which bad guys would want to
forge them
After being a victim of half a dozen joe-jobs, I disagree.
Forged bounce != bounce of forgery.
Perhaps you do not see that main problem is that its still possible
to forge bounces both just randomly (finding any MAILFROM with
full signature from trace data) and deliberately (looking for such
data for specific person to cause him to receive bounces).
So without replay attack solution, BATV is of limited use, be it
private key or public key based. Same BTW goes for SES.
Unfortunately the very solutions that could stop replay are the ones
that all require database on the sender side (and then using crypto
does not make sense any more) which makes such solution not easily
scalable. So we're back to the drawing board.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg