|
RE: namedroppers, continued
2002-12-02 14:25:06
This whole discussion should be taken to the
YWKTIEDNWWFALNORIBNLTICSADEWSIFOSTFSTNOML working group. (yes we know
that internet email does not work well for a large number of reasons,
including but not limited to, incorrect code, spam and dare we say it
failure of smtp to fully support the needs of mailing lists).
The only way to resolve this issue properly would be to require every
submission to an IETF mailing list to be cryptographically signed (PGP
or S/MIME), to require the subscribers to register their signing key and
to then filter the mail sent out on the list so that only signed mail
gets through.
While this would require a moderate degree of work on the part of the
list users it would eliminate the need for moderator action. Problem
posters could be dealt with by means of a formal process.
Thawte still provides free S/MIME certificates, however for the purposes
of this proposal it would suffice to use a self signed certificate.
SPAM is becomming a serious problem - as Bersnteins own rather offensive
spam protection measures atest. The only way to resolve that problem in
the long run is to start authenticating the good signal at source. The
strategy of attempting to isolate the bad signal from the good is
failling progressively as the spam companies employ counter measures.
The relevance of this to DNS is that the ability to authenticate an SRV
record provides an imense amount of leverage in automating this process.
For example I can have some form of information service set up linked to
the DNS that tells people that I sign every one of my emails without
exception and that any unsigned mail message can be rejected.
SPAM is a security problem. If we don't fix it the signal to noise ratio
will fall way below acceptable levels for many users.
Phill
-----Original Message-----
From: Pekka Savola [mailto:pekkas(_at_)netcore(_dot_)fi]
Sent: Saturday, November 30, 2002 8:00 AM
To: D. J. Bernstein
Cc: ietf(_at_)ietf(_dot_)org; namedroppers(_at_)ops(_dot_)ietf(_dot_)org;
iesg(_at_)ietf(_dot_)org
Subject: Re: namedroppers, continued
[ post by non-subscriber. with the massive amount of spam,
it is easy to miss
and therefore delete posts by non-subscribers. if you wish
to regularly
post from an address that is not subscribed to this mailing
list, send a
message to <listname>-owner(_at_)ops(_dot_)ietf(_dot_)org and ask to have
the alternate
address added to the list of addresses from which submissions are
automatically accepted. ]
On 29 Nov 2002, D. J. Bernstein wrote:
Keith claims that allowing ``contributions from outsiders'' requires
delay and manual review. That claim is absurd. Immediately
bounce the
message to the ``outsider,'' with instructions explaining
how to have
the message sent to subscribers; end of problem.
No, it's not 'end of problem'.
If I cross-post a reply to some message with was cross-posted
to a list
I'm subscribed at and a list I'm not, in the general case I
do *not* want
to subscribe to the other list to be able to send my
cross-post reply to
both.
Waiting for moderator approval is just fine for me, much better than
requiring to subscribe or do something else.
It's not black and white.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
--
to unsubscribe send a message to
namedroppers-request(_at_)ops(_dot_)ietf(_dot_)org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>
smime.p7s
Description: S/MIME cryptographic signature
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- RE: namedroppers, continued,
Hallam-Baker, Phillip <=
- RE: namedroppers, continued, Hallam-Baker, Phillip
- RE: namedroppers, continued, Hallam-Baker, Phillip
- RE: namedroppers, continued, Hallam-Baker, Phillip
- RE: namedroppers, continued, Hallam-Baker, Phillip
|
|
|