ietf-mxcomp
[Top] [All Lists]

Re: Reputation services for SenderID

2004-08-27 16:43:41

I'm hesitant to discuss this on the list right now, during last call, but 
briefly:

You seem to be describing the problems associated with arriving at a reputation 
for the domain-part of a PRA, given that you have a reputation database that's 
keyed by MTA address.  But wouldn't it be possible to create a reputation 
database based on the domain-part of the PRA itself?

I don't think this is by any means a trivial task, though.

-Jim

At 07:15 PM 8/27/2004 -0400, John Leslie wrote:
  We start by agreeing that the exact domain-part of the PRA is the
unit to be accredited; and presume some (unspecified) DNS lookup for
reputation information.

  We then evaluate the list of IPs authorized by the SPF2 record,
and run them against known IP blacklists; accumulating a score based
on weighting the reputation of those blacklists for spam identified,
false negatives, and false positives.

  Now the part you probably won't like: we must assign low weighting
to blacklists with high false negatives, while we can't assign low
weighting to blacklists with moderate false positives. Worst of all,
we can't assign any positive score to IP addresses not on any blacklist.

  Thus, in essence, we'll be producing ratings _highly_ correlated
with the number of IP addresses authorized by the SPF2 record, and
even for domains which only authorize a very few IP addresses, we'll
have no practical way (except manual processing of requests) to
correct outdated blacklist listings.

  We can, of course, include the suggested-service features of the
CSV proposal, but the reputations of suggested services would have
to be pretty-darn-good to outweigh the algorithm listed above.

  Can anybody design a better system of reputation services for
SenderID?