ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Buckets of spam coming through IETF lists

2011-04-06 10:49:29
from [Alessandro Vesely] [Permanent Link] 
On 06/Apr/11 16:01, Dave CROCKER wrote:

On 4/1/2011 9:08 PM, Fred Baker wrote:

On Apr 1, 2011, at 10:28 PM, John R. Levine wrote:

Some clever spambot seems to have scraped a bunch of addresses out
of the
archives and is sending spam with multiple addresses on the From: line
through IETF and IRTF mailing lists.  Surely I'm not the only one
who's
seeing it.


DKIM is directly designed to address this... What do we need to do
to put it in play?


Unfortunately, DKIM is /not/ designed to address this.  DKIM is designed
to provide a reliable, accurate identifier upon which reputation data
can be developed.


Yet, as the MLM-draft documents:

  MLMs typically attempt to authenticate messages posted through them.
  They usually do this through the trivial (and insecure) means of
  verifying the RFC5322.From field email address (or, less frequently,
  the RFC5321.MailFrom parameter) against a list registry.  DKIM
  enables a stronger form of authentication, although this is not yet
  formally documented: It can require that messages using a given
  RFC5322.From address also have a DKIM signature with a corresponding
  "d=" domain.  This feature would be somewhat similar to using ADSP,
  except that the requirement for it would be imposed by the MLM and
  not the author's organization.
               http://tools.ietf.org/html/draft-ietf-dkim-mailinglists

It would be interesting to implement such authentication for IETF
lists, e.g. as part of some IETF Code Sprint.  It will alleviate
moderation, although it will require some maintenance for itself.


That's a fundamentally different task from detected invalid From:
field contents.


Likewise, DKIM hardly supports non-repudiation of content, if at all.


ADSP, and add-on to DKIM, is felt by its promoters to be useful for
detecting invalid From: fields, but it does not work through
mailing lists.


The "somewhat similar feature" described in the MLM-draft assumes that
(some) posters consistently use submission servers that DKIM-sign
relayed mail.  Thus, the MLM can automatically reject posts claiming
to be from such posters, if they are not validly signed.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Last Call: <draft-ietf-enum-iax-10.txt> (IANA Registration for Enumservice 'iax') to Informational RFC, Cullen Jennings
Next by Date:  Re: draft-housley-two-maturity-levels-05, RJ Atkinson
Previous by Thread:  Re: Buckets of spam coming through IETF lists, Dave CROCKER
Next by Thread:  Re: Buckets of spam coming through IETF lists, Bob Hinden
Indexes:  [Date] [Thread] [Top] [All Lists]