ietf-mailsig
[Top] [All Lists]

Replay isn't the problem, spam is the problem

2005-08-08 21:14:45

In 
<Pine(_dot_)BSI(_dot_)4(_dot_)56(_dot_)0508082258070(_dot_)27175(_at_)tom(_dot_)iecc(_dot_)com>
 "John R Levine" <johnl(_at_)iecc(_dot_)com> writes:

You're also making the assumption that spammers will blast out many
identical messages with the same signature.  They stopped doing that in
about 1999,

That's interesting.  I took a quick look at my spam folder and quickly
found identical copies of spams delivered to just me.  I didn't bother
to look to see at any of the spam sightings collections to see how
many individual spams delivered to me were also delivered to others.

            and nobody's suggested what would make them resume doing so.

That is also interesting.  I recall several people saying that riding
on other people's reputations would be a good reason why spammers
might want to do so.  

It's far more likely that they'll keep doing what they're doing now,
sending out messages that are all different, or at most sending to a
handful of recipients before changing the message.  Replay protection,
even if it's possible, is of no help.

Well, I guess it all depends on what you define as "a handful".
Nothing is stopping a spammer from replaying just one email.  They
could probably generate hundreds or thousands of variations before
they start their spam run.

Well, you may be right that replay protection may not be possible, or
that it may be of little help.


That kind of raises the question though: What good does having a DKIM
signed email give us?  Why, as a domain owner, would I want to sign
email?  Why, as a email receiver, would I want to check the signature?

I thought I knew what people would give as the answers to those
questions, but it is clear that others have different ideas of the
goals and benefits of signing email.


-wayne

<Prev in Thread] Current Thread [Next in Thread>