[Top] [All Lists]

Re: MyDoom, Sorbig - Actions taken?

2004-02-05 08:56:16

I'd like to draw a parallel between "outgoing messages" and "outgoing IP 

Here, I'm using the term "outgoing" in a very broad sense.

To reduce the amount of IP packet spoofing, router software manufacturers and 
network admins have been encouraged to check "outgoing" packets and filter out 
packets containing "spoofed" addresses. This can be easily done in routers and 
could/should/has (?) reduced or eliminated spoofed packets traversing the 

Wouldn't it be nice if the same sort of thing could be done with email 
Imagine all the viruses that would be blocked because they could only send mail 
behalf of the "originating location's mail domain".

Of course, it can't really be done due to the current design of SMTP. Yes, 
there are 
some proposals that allow recipients to try to verify the allowability of an IP 
to send mail on behalf "claimed sender addresses", but I consider these to be 
aid solutions.

And most importantly, controlling "outgoing" messages has nothing to do with 
payload of those messages. So, MIME issues, for example, aren't in the picture 
because the transport mechanism is transparent.

I think this is a good discussion to have. That is, can the email system be 
changed to 
reduce propagation of these types of viruses? I didn't see the initial posting 
in this 
thread, so I cannot comment on any early proposals that may have made.

I do think that "propagation control" is more likely to be successful if its 
transparent. I also think that given the current design of SMTP, no easy, 
and reliable solution for SMTP will be forthcoming.  

So, perhaps mail-ng is the place to discuss sweeping reforms to messaging as we 
know it, and this forum is a place to discuss shorter term solutions that are 
effective and possible.

I must say I'm rather disappointed with the tone of this thread, the innuendo 
chest thumping on all sides.  I think list subscribers are here because they 
made contributions to "the technology of messaging" in the past, currently are 
so, or will do so in the future.

So comments like "you're clueless go away" and "I'm great look at all the stuff 
wrote" seem out of character.

Thanks for reading this far.

Brad Clements,                bkc(_at_)murkworks(_dot_)com   (315)268-1000                          (315)268-9812 Fax                   AOL-IM: BKClements

<Prev in Thread] Current Thread [Next in Thread>