[Top] [All Lists]

Re: Chain of Trusted Forwarders

2005-05-28 21:47:35
On Sat, 28 May 2005 16:45:40 PDT, David MacQuigg said:

Spammer -->  Forwarder1 --> Forwarder2 -->  Receiver

A Trusted Forwarder will authenticate the ID presented by the Spammer.  The 
Receiver will look at that ID, and rate it just as if the Spammer had 
connected directly to the Receiver.  If one of the Trusted Forwarders 
messes up an authentication, then that forwarder loses reputation.

Exactly.  So every time Forwarder*2* accepts a bogus one, *it* loses...

The game could get a little more complicated if Forwarder1 is the spammer's

The whole point is that Forwarder1 can be *assumed* to be the spammer's...

friend, but not much.  About the fifth time a rating service has to deal 
with a he-said-she-said situation involving Forwarder1, it will be pretty 
clear who is faking authentication headers.

And after a long run of Forwarder1A..Forwarder1Q.., Forwarder2 is starting to
look pretty shaky in the reputation market as well.  Remember that we're talking
here about a class of opponents that have *literally* hundreds of thousands of
drones to enlist, and throwing tens of millions of bogus authentications.
"About the 5th time" gets you through the first 35 seconds of a concerted attack
against the reputation mechanism, if *that* long.

And don't bother suggesting "slow-start" mechanisms for setting up reputations -
the spammers are *already* sometimes lining up domains and zombies well in 
of the run they are to be used for.  There's no reason to believe they *won't*
engage in a ramp-up of bouncing totally pointless mail back and forth just to
drive up their reputation score before they make their spam run...

Attachment: pgpB68PDmRosr.pgp
Description: PGP signature

<Prev in Thread] Current Thread [Next in Thread>