Rich Kulawiec wrote:
On Mon, Jun 22, 2009 at 11:45:08PM +0200, Claudio Telmon wrote:
In this respect, the framework should be effective, since spammers would
also need to generate the consent token, which they can't.
Why not? They can run any code they want on any compromised system,
therefore they can generate the consent token the same way the former
owner of that system could.
The owner of the compromised system can only generate tokens then
accepted by his address's MTA, the same can the spammer that compromised
the system.
The attacker can collect the tokens provided to the system owner in
order to communicate with other people. It will then be able to send
spam to the owner's correspondents. These, in turn, can see that spam
arrives with the tokens they provided to the system owner, inform the
system owner about this fact and invalidate the tokens. Once the system
security is "restored", the spammer is left with useless tokens.
Collected consent-protected addresses are useless without valid tokens.
--
Claudio Telmon
claudio(_at_)telmon(_dot_)org
http://www.telmon.org
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg