ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] draft-irtf-asrg-criteria (was Re: request for review for a non FUSSP proposal)

2009-06-26 06:49:45
from [Ian Eiloart] [Permanent Link] 


--On 25 June 2009 12:40:19 -0700 Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> 
wrote:



On Jun 25, 2009, at 10:40 AM, J.D. Falk wrote:


Danny Angus wrote:


I tried some time ago to articulate some tests which any proposal
ought
to at least acknowledge, which you can find here..
http://www.killerbees.co.uk/draft-irtf-asrg-criteria-00.html

You may find them helpful.


Nicely done; I think this could be the start of a very useful
document.  Any interest in starting up work on it again?

First steps could be:
- update terminology to match draft-crocker-email-arch
- include some examples taken from other RFCs, both successful and
non-


This draft overlooked an important area.  It assumes a viable and
scaleable means to identify initial senders when confronting massive
levels of abuse.


Which section assumes that.


Simply put, without a two tier approach to abuse that
begins by identifying outbound MTAs, email will not remain viable.  This
paper overlooks that need.
I think that's a different level, isn't it? That's a proposal to be judged by the criteria in this paper. The paper shouldn't make any claims about how to prevent spam. It's just trying to outline the problem space. 



- Include a means for efficient and efficacious host name identification
and domain level authorization of systems granting access for outbound
public (non-authenticated port 25) SMTP messages.

Even reverse DNS queries often impose a too great of a burden on
resources due to bot-net related abuse. :^(

Reducing the number of systems that need vetting are best consolidated by
identifying the outbound MTA explicitly signified as providing this
service within the forward facing name space.  A means to explicitly
facilitate this function becomes more necessary with increased inclusion
of IPv6 and further growth of bot-nets.  Once outbound MTAs provide
stable and specific identifications within the domain name space, the
immediate vetting this allows provides a much needed reduction on the
resource burdens imposed upon SMTP by abuse.   These schemes should also
not cause undue burden on DNS either.

-Doug

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg




--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] request for review for a non FUSSP proposal, Ian Eiloart
Next by Date:  Re: [Asrg] draft-irtf-asrg-criteria (was Re: request for review for a non FUSSP proposal), Ian Eiloart
Previous by Thread:  Re: [Asrg] draft-irtf-asrg-criteria (was Re: request for review for a non FUSSP proposal), Douglas Otis
Next by Thread:  Re: [Asrg] draft-irtf-asrg-criteria is missing Outbound MTA definition., Douglas Otis
Indexes:  [Date] [Thread] [Top] [All Lists]