ietf-asrg
[Top] [All Lists]

RE: [Asrg] Trust relationships etc.

2005-07-21 04:42:15


On Thu, 21 Jul 2005, Brian Azzopardi wrote:


Yes of course. But what's the point? 

Reputation schemes will only be effective if enough people implement
them, and it will still *not* solve a spamming zombied machine.

I would only use the reputation of the connecting host, which is unlikely
to be "owned". And if it were, its reputation would certainly go down.  
Only if there were some effective way to authenticate the original sender
would it be interesting to collect reputations for senders.

Authentication is not an answer - we must assume that all data sent from
a zombied machine can be falsified and that authentication details can
be stolen.

Spam filtering has to be done on a per-message basis.

Since only the connecting host is known with any degree of accuracy,
filtering needs to be based on that. Any attempt to reduce false positives
by accpeting the good mail and rejecting the bad mail from a connecting
host is going to be very difficult to maintain, and in effect authorizes
hosts to send spam, by placing the responsibiiity for controlling spam
completely on the receipient.

feenberg isat nber dotte org


Brian


-----Original Message-----
From: asrg-bounces(_at_)ietf(_dot_)org 
[mailto:asrg-bounces(_at_)ietf(_dot_)org] On Behalf Of
Jon Kyme
Sent: Thursday, July 21, 2005 11:23 AM
To: ASRG
Subject: RE: [Asrg] Trust relationships etc.

Brian Azzopardi wrote:
More sophisticated
implementations can feed the filter other events such as IPs, dollar 
amounts, appropriately processed time, etc.

And of course it's not hard to arange for reputation and authentication
data to be input to statistical filtering - this is easily done by
adding appropriate headers. This is a general mechanism for upstream
entities to provide input to downstream filtering.






_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

  
This mail was checked for viruses by GFI MailSecurity. 
GFI also develops anti-spam software (GFI MailEssentials), a fax server (GFI 
FAXmaker), and network security and management software (GFI LANguard) - 
www.gfi.com 


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg





_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg