ietf-mxcomp
[Top] [All Lists]

Re: Forging (was Re: Differences between CSV and Sender-ID )

2004-07-05 11:34:23

Dave Crocker <dcrocker(_at_)brandenburg(_dot_)com> wrote:
I did not say that forgery is not a problem.

I said that it is not essential to spamming.

  It is essential to a particular class of spam, as I mentioned in my
previous message.  I was trying to explain why broad statements about
forgery and spam could be construed as belittling something that, for
many, is a serious problem.

Get rid of forging and you will not reduce spamming at all.

  I've been saying that on ASRG for about a year.  This isn't news.

  Prevention of forgeries will, however, reduce the impact of spam on
innocent third parties.

  RBL's stop spam from one IP, but the spammer can just move, and spam
again.  Does this mean that RBL's are useless?  Of course not.
Similarly, MARID won't stop spam, but that doesn't mean it's
addressing a trivial problem.  I don't see weekly statements on
anti-spam lists saying "RBL's won't stop spam", but I do see such
statements about MARID.  I don't know why, and I just don't get it.

In any event, the forgery protection that financial institutions
require is considerably stronger than the anti-spam forgery protection
schemes being considered in this working group.

  As I've been saying, MARID is a start, but not the end solution to
spam.

  My comments were not intended to re-hash old issues.  Rather, they
were intended to point out that what for you seems like a "convenient
hack" is for others, including myself, a direct and personal attack on
our systems and reputation.

  I'm not trying to belittle your position.  Rather, I'm trying to
ensure that you don't belittle mine.

  Alan DeKok.