Re: MASS plus Sender-ID


Justin Mason wrote:

hmm, you might be on to something there, that does indeed seem to be a
replay attack that can be used to deliver spam.

Indeed there is; see draft-fenton-identified-mail-01.txt section 9.1.4.The problem is that there is no way I can think of to differentiate anMTA that forwards mail to multiple addresses from a spam replay, otherthan intent and (possibly) the number of addresses that the messages isforwarded to. It's hard to detect even the latter, unless you're alarge enough domain to get a large number of copies of the same messagewith the same signature.


-Jim

<Prev in Thread]	Current Thread	[Next in Thread>
MASS plus Sender-ID, Hallam-Baker, Phillip Re: MASS plus Sender-ID, Tony Finch Re: MASS plus Sender-ID, Justin Mason Re: MASS plus Sender-ID, wayne Re: MASS plus Sender-ID, Justin Mason Re: MASS plus Sender-ID, Jim Fenton <= Re: MASS plus Sender-ID, Tony Finch Re: MASS plus Sender-ID, Michael Thomas Re: MASS plus Sender-ID, domainkeys-feedbackbase01 Re: MASS plus Sender-ID, wayne Re: MASS plus Sender-ID, Mark Baugher Re: MASS plus Sender-ID, wayne Re: MASS plus Sender-ID, Hallam-Baker, Phillip Re: MASS plus Sender-ID, Michael Thomas

Previous by Date:	Re: MASS plus Sender-ID, Justin Mason
Next by Date:	Re: MASS plus Sender-ID, wayne
Previous by Thread:	Re: MASS plus Sender-ID, Justin Mason
Next by Thread:	Re: MASS plus Sender-ID, Tony Finch
Indexes:	[Date] [Thread] [Top] [All Lists]