ietf-mxcomp

RE: A spammer subscribed to this list ?

2004-08-04 09:31:55

In the early days of the asrg mailing list, there were spammers
subscribed without any doubt. And they weren't just listening. Some
people were trying to jam the mailing list with high bandwidth blabla
and spreading wrong technical information (wrong quoting of technical
proposals and other e-mails). I'm pretty sure that some of them were
at least related to spammers (maybe authors of spamming software).

I agree with Hadmut's analysis here. 

So why shouldn't it be any different here? Whatever you do, expect the
spammers to be prepared. 

I am on a number of anti-phishing mailing lists and even though they 
are by invitation only and have very highly controlled distributions
we assume that there is information leakage.

Sure the bad guys are reading. There are clearly people who are playing
both sides of the fence. We have to think in terms of the attacks that
they will attempt.


We are not designing a system here that depends on secrecy of the
design for its security.

There are mechanisms that people could in theory use to obtain a
false assurance that an email is authentic. These are known to 
involve BGP and DNS attacks that are already the subject of concern
and mitigation.

There are also means by which a message can be sent that makes it 
appear that the recipient cannot expect authentication to work 
without additional data. This is not a concern at this point since
there is no requirement to implement MARID at all and the worst 
case is no different from the status quo, the messages end up going
through spam filtering.


I am not concerned about spammers discovering this information, it
has been discussed repeatedly.

I am however concerned about spammers spreading FUD to derail the
process, and as is quite clear, it is not even necessary for the
spammer to mail to the list to do this, nor is this necessarily 
the most effective means of doing so.


Some of these guys are expert social engineers. So consider this for
an attack. You call up someone who is known for being somewhat 
obsessional on a particular issue and wind him up with a line about
how MARID is the work of Voldemort.

Just a thought.