ietf
[Top] [All Lists]

Re: proposal for built-in spam burden & email privacy protection

2004-02-09 06:47:00


--On Sunday, 08 February, 2004 20:21 -0600 Spencer Dawkins <spencer(_at_)mcsr-labs(_dot_)org> wrote:

Hi, Ed,

I don't know everything about e-mail, although I do send and
receive e-mail from time to time.

I would be interested in reading reasons from others why this
is a bad idea. It seems interesting to me.

Let's assume I have a mailing list. Take the IETF list as a handy example. This technique implies that

(i) The IETF list exploder needs to track several thousand (I'm just guessing at the number here) public keys, encrypt each list message separately and mail it separately or encrypt each message going out for all of the recipients (the latter is somewhat less network intensive on some dimensions, and slightly less computationally intensive, but not much, and would ensure that every message going out, even trivial ones, was 40K-50Kb long, minimum). With current computational capacity at the secretariat, I think that would probably throttle the IETF list back to a handful of messages a day, total. That might be a good idea, but is probably not the intent :-(

(ii) All a spammer would need to do would be to guess or know one of the addresses that is subscribed to the IETF list, or subscribe temporarily himself, then post the spam to the list, in order to get the list exploder to do that work for him.

Now, Franck's suggestion would work better from a list protection standpoint (but not from an expense one, unless the two were combined). For it, the spammer would need to have a key pair, and would have to sign every message. That would merely require the list exploder (and perhaps you) to have the public keys of everyone who could post to the list (that may imply more or less a general solution to the PKI problem, including the key revocation piece) and to verify the signatures. And, of course, nothing would prevent a spammer from generating a key pair, signing up for the list,... and then doing it again when that key pair/ mail ID was blocked for bad behavior. Remember key generation is cheap, unless we require people to go to a source for certificates that charges significant money for the service.

Next?

:-(

The only thing I'm wondering about is, since all the press
reports about recent viruses say they set up zombie networks,
I'm wondering if placing a CPU burden on someone who controls
100,000 PCs is harder than you think...

That too. And, of course, the IETF list exploder doesn't consist of 100,000 PCs, nor does any other mailing list service I know of.

We really need a "things that seems to be good anti-spam ideas but aren't" list to be compiled and linked to from the ASRG and IMC spam pages. It would save everyone a lot of time and energy.

   john