ietf-mxcomp

Re: IPR: analysis of Microsoft patent applications

2004-09-19 00:01:16

On Sat, 2004-09-18 at 04:34, Roy Badami wrote:
"David" == David Woodhouse <dwmw2(_at_)infradead(_dot_)org> writes:

    David> When considered holistically, the domain/IP verification
    David> schemes don't actually manage to achieve anything more than
    David> CSV does -- they only give a way to determine how much to
    David> trust the individual mail server which is offering the
    David> mail.

I don't think that's true.  The domain/IP verification schemes
directly address forgery, in a way that CSV doesn't.  Think about
Sender ID as a tool for senders who (for whatever reason) want to be
able to prevent others from sending forged mail claiming to be from
them.

When financial institutions use consistent EHLO names for their MTAs and
validated EHLO names are presented to users, then this too serves to
foil forgeries.  This depends upon users being able to recognize these
names through their normal correspondence.  The marid-mpr draft was to
illustrate that a simple name list could be used to confirm the message is
within the nominal mail channel.

The advantages of using CSV/MPR over Sender-ID are as follows:

a) The RFC2822 From will be marked out of the nominal mail channel
   irrespective of any other headers. 

b) A single DNS lookup is required to obtain the mailbox domain/MTA
   association.

c) Phase-in is safer with reliance upon the EHLO name and not the
   mailbox domain.  Until seen, there are no increased expectations.

d) The EHLO is stronger, and more difficult to spoof than Sender-ID and
   allows for reputations to be safely asserted.

e) Reputation assertions upon the EHLO name-
   1) Isolate problems where this is not true for Sender-ID.
   2) Does not constrain the use of the mailbox domain allowing provider
      choice.
   3) Protects consumers from lax providers tarnishing their reputation.
   4) Allows mailbox domain associations to safely be open without
      inviting spoofing exploits.

As a tool for recipients, Sender ID and CSV both provide a hook on
which to hang reputation and accreditation systems, and I'm agnostic
as to which will work better in the real world, though my feeling is
that they may in fact turn out to be complementary.

Sender-ID does not provide a safe hook for reputation assertions nor
does it provide good forgery protection as it can be easily spoofed.

-Doug