[Top] [All Lists]

Chain of Trusted Forwarders

2005-05-28 16:45:44

At 05:48 PM 5/28/2005 -0400, Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:

On Sat, 28 May 2005 13:05:20 PDT, David MacQuigg said:

> I would establish three levels of compliance for servers wanting to be
> listed as Public Mail Servers:
> 1) Servers that will declare their ID, and provide a DNS record to
> authorize the use of that ID.
> 2) Servers that will capture the IP address and any ID declared by the
> previous sender, and prepend that information in a standard authentication
> header.
> 3) Servers that will perform an authentication check on the declared ID,
> using any widely-accepted method, and prepend the result of that check.

4) Servers that will prepend text that appears that they have performed one
or more of the previous tests, with a claimed result.

You forgot the authentication part. Let's be very specific with this example and avoid a long digression.

Spammer -->  Forwarder1 --> Forwarder2 -->  Receiver

A Trusted Forwarder will authenticate the ID presented by the Spammer. The Receiver will look at that ID, and rate it just as if the Spammer had connected directly to the Receiver. If one of the Trusted Forwarders messes up an authentication, then that forwarder loses reputation.

The game could get a little more complicated if Forwarder1 is the spammer's friend, but not much. About the fifth time a rating service has to deal with a he-said-she-said situation involving Forwarder1, it will be pretty clear who is faking authentication headers.

************************************************************     *
* David MacQuigg, PhD     email: david_macquigg at     *  *
* IC Design Engineer            phone:  USA 520-721-4583      *  *  *
* Analog Design Methodologies                                 *  *  *
*                                 9320 East Mikelyn Lane       * * *
* VRS Consulting, P.C.            Tucson, Arizona 85710          *
************************************************************     *

<Prev in Thread] Current Thread [Next in Thread>