ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ietf-dkim] Collection of use cases for SSP requirements

2006-11-10 04:29:07
from [Charles Lindsey] [Permanent Link]
On Thu, 09 Nov 2006 16:16:59 -0000, Jeff Macdonald <jmacdonald(_at_)e-dialog(_dot_)com> wrote: 


On Thu, Nov 09, 2006 at 12:33:49PM -0000, Charles Lindsey wrote:



Which is where we need sites on which "reputations" can be queried. I
envisage these will operate rather like the present DNSBL blacklists. You 
choose such a site that you trust, and then ask its advice on the action
you should take according to the signer, From address, etc. I would
suppose that phishers own domains would rapidly acquire a rather poor
reputation (and the advice should be to "delete all mail where the
signature succeeds, and even where it doesn't").



Reputation has to start as neutral or negative. One can not start out
with a good reputation. Phishers don't need their domains to be around
that long to make some money.

Starting with a negative reputation means legitimate small companies
will be penalized. A possible solution to that is accreditation.


Yes, reputation is neutral if there is no evidence to suggest otherwise.
But what I have in mind is the organizations that currently publish DNS-based blacklists of spams such as spamhaus.org, which curently seems to hold the best reputation among them.
These organizations try to spot spams/phishes/whatever with hours of their appearance (mainly by the use of honeypots AIUI) and promptly put them in their blacklists (this will tend to catch both spam-friendly ISPs and compromised zombies).
In the future, I would be expecting such organizations also to be maintaining blacklists of signers with bad reputations, and I would expect a phisher who started sending signed phishes from a look-alike domain would find himself in such a blacklist within hours. 

--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131     Web: http://www.cs.man.ac.uk/~chl 
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] New Issue: Applicability of SSP to subdomains, Jim Fenton
Next by Date:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Charles Lindsey
Previous by Thread:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Jeff Macdonald
Next by Thread:  Re: [ietf-dkim] Collection of use cases for SSP requirements, Michael Thomas
Indexes:  [Date] [Thread] [Top] [All Lists]