ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] DKIM role?

2008-11-19 11:09:57
from [Michael Thomas] [Permanent Link] 
Rich Kulawiec wrote:

On Thu, Nov 20, 2008 at 12:16:22AM +1200, Franck Martin wrote:
but all MTA's send NDR, this is part of their role? or should we stop that? 

The latter.  There's no point in sending a NDR in response to malware
or spam (and many reasons not to).  Just reject it outright during
the SMTP conversation, and let the sending system deal with that.

Think about this way: if it's malware, then either the connecting system
originated it or is forwarding it.  If it's the origin, then it's enemy
territory and there's no point.  If it's forwarding malware, then there's
no point in trying to forward a response back to the originator because
it's the keepers of the forwarding system who need to know.

If it's spam, then similar reasoning applies: if it's the origin,
then you're telling spammers that they're spammers, which they already
know.  If it's forwarding spam, then it's the keepers of the forwarding
system who need to know, not the putative originator.

This applies no matter what authentication technology (if any) is in
place, even hypothetical authentication technology which identifies
the original sender.


Murray at sendmail has proposed a new draft which (I hope I'm
characterizing this correctly -- it's been a while) would provide
a feedback mechanism for authentication failures. IIRC, it's not
a NDR but something else. The general idea was to attach this "report
back to me" feature in the ADSP record, with some sort of standardized
report sent over SMTP.

We decided to defer any work on that as -- as this post rightly
points out -- it is a huge can of worms, and that if not thought
out completely could be quite harmful. But it would be nice for
signers to have some idea somehow if their signatures were being
broken. Like, for example, if somebody were spoofing their addresses
they might be able to hunt them down. Or just the simple non-malicious
fact that most reasonable sized organizations have clue-0 who is
actually sending legitimate mail on their behalf.

I believe that the DKIM wg is in the process of rechartering, and
that this was proposed as possible wg item. My feeling is that the
the problem and possible solutions are not well defined, and that
it's not entirely clear that DKIM is the right place for it.. yet.
As a research-y kind of thing, however, it does seem to have merit
at least understanding the problem space, IMO.

                Mike
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Fwd: Email Postage (was Re: FeedBack loops), Gerald Klaas
Next by Date:  Re: [Asrg] Email Postage (was Re: FeedBack loops), mathew
Previous by Thread:  Re: [Asrg] DKIM role?, Rich Kulawiec
Next by Thread:  Re: [Asrg] DKIM role?, Ian Eiloart
Indexes:  [Date] [Thread] [Top] [All Lists]