On Tue, Jan 30, 2007 at 10:07:51PM -0600, gep2(_at_)terabites(_dot_)com wrote:
[problem of botnets as spam originators]
The solution to the problem is actually AMAZINGLY
simple... I know that a lot of y'all have this fixation on
IP-based solutions, but a FAR better solution (rather than
attempting to block spam AFTER the botnets are recruited)
is to block the virus/worm code-containing E-mail messages
BEFORE they infect those computers.
And that is really rather easy... you simply block any
HTML or attachments (and particularly EXECUTABLE
attachments) that isn't coming from a sender that is known
and trusted by the recipient TO SEND THEM EXECUTABLE
CONTENT.
Note that MOST users (probably 98-99%) will not whitelist
ANYBODY to send them executable content in E-mails...!
The reason people have a fixation on IP-based, or signature-based
identification mechanisms is simple.
Without a guarantee of 'identity', you can't whitelist someone. You'll
end up adding a whitelist entry which viruses will forge mail from in
order to get to your inbox.
A whitelist is simply an end-user accredited reputation service. Like
all reputation mechanisms, it makes no sense if the entity being queried
for can not be proven to be the same as the one being vouched for.
--
David Maxwell, david(_at_)vex(_dot_)net|david(_at_)maxwell(_dot_)net -->
Although some of you out
there might find a microwave oven controlled by a Unix system an attractive
idea, controlling a microwave oven is easily accomplished with the smallest
of microcontrollers. - Russ Hersch - (Microcontroller primer and FAQ)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg