ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] Re: A new (?) wrinkle on the spamming problem

2005-12-10 12:09:57
from [gep2] [Permanent Link] 
This is INDEED a matter of concern... when disreputable folks start signing 

_our_ names to E-mails to politicians and others (who knows, letters to the 
editors, and so forth) in hopes of making it look like WE support THEIR 
causes...!!!!



As Peter mentioned, this is not really new.  This is the kind of thing

that SPF is designed to help with.  Domain owners can choose to
publish SPF records saying how they wish their domain names to be used
and email receivers can choose to listen to what the domain owners
say.


See http://www.openspf.org/


Except that it DOESN'T.

SPF only just helps indicate that a given E-mail came from an expected domain's 
mail server(s).  Which, in fact, does damned little to solve much of anything.

If you have a very large ISP, say comcast.net or aol.com or the like, you might 
have literally millions of users and hundreds or thousands of mail servers, and 
that hole is so gaping and yawning that you could drive the Queen Mary 2 
through 
it blindfolded, without even worrying about scratching the paint on the sides.


It is not clear to me if DKIM (the merged DomainKeys and IIM system)

will allow you to repudiate this kind of abuse of your domain name.
Instead it looks like they may be able to just give positive
assertions that the email did come from who it says it is  It may not
be able to say that the email didn't come from who it says it is. 
Similarly, things like S/MIME and PGP give much strong positive
assertions than SPF and DKIM, but you can't tell if an unsigned email
is valid or not.

And the fact of the matter is that the GREAT majority of mail IS unsigned, just 
as the GREAT majority of mail hasn't drunk the Kool-Aid of those folks hawking 
SPF and the like.

Gordon Peterson                  http://personal.terabites.com/
1977-2002  Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections!  http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • [Asrg] Re: A new (?) wrinkle on the spamming problem, gep2 <=
Previous by Date:  Re: [Asrg] Re: White/black lists, Greg R. Broderick
Next by Date:  Re: [Asrg] Re: Country numbers, Walter Dnes
Previous by Thread:  [Asrg] Re: Country numbers, gep2
Next by Thread:  [Asrg] E-Mailer ID, Barry Shein
Indexes:  [Date] [Thread] [Top] [All Lists]