Re: a few short notes
2004-02-02 03:56:59
At 23:47 01/02/2004, Jari Arkko wrote:
> Martin Duerst wrote:
> > At 16:56 04/02/01 +0100, Iljitsch van Beijnum wrote:
> > > Mandatory authentication is also a bad idea IMO. Obviously
> > > authentication is very important and must be supported so that people
> > > who only want to receive mail from verifiable sources get to implement
> > > this policy, but that doesn't mean that we should force *everyone* to
> > > use such a policy.
> >
> > I tend to disagree. *I* don't want you to receive a message that is faked
> > and pretends to come from me, but doesn't. Even if you don't care, I do.
> > I would strongly prefer a system that would not allow this. And my gut
> > feeling is that most users would be with me on this.
>
> I think the hard question is what level of "authentication" to require.
> I am pretty sure 99.99% of users want better protection against spoofed
> addresses than we currently have. But I am not sure they are willing to
> go as far as mandating a global PKI of all e-mail users. So what's left, then?
> Just verifying the two domains but not the users?

I think the 'chain of trust' idea comes in. I want to know that the mail
server that sent me a message from 'bill(_at_)microsoft(_dot_)com' actually was
allowed to do that. Then, I want to know that that mail server had checked
who it had got the message from (ideally it has put details of the check it
did into the message's metadata).

Yes, that mail server could fake the authentication details it had
received, but it could be made so it wouldn't be able to fake whether or
not it was allowed to send mail from that address. So, if it was allowed to
send mail from bill(_at_)microsoft(_dot_)com, but it had faked the authentication
details it had received, I would have some confidence in blocking the mail
from that domain, because I know at least that domain hasn't been faked.

The only way for me to know that the original sender IS who (s)he says it
is, is to have a global PKI with a central registry who verifies all users
are who they say they are - which isn't possible.

Having the 'chain of trust' idea is a vast improvement over what we have
now, wouldn't be too hard to implement (IMHO) and would make it a lot more
difficult (if not impossible) for spammers to work in the way they do now.

"All" it would leave would be ISPs who allow quick & easy (& free,
sometimes) sign up without checking their new users' details, and then
allow them to send unlimited emails before their accounts get blocked (if
the ISP goes that far). I don't see any workable way to stop that
particular problem other than by those ISPs acting with more care themselves.

Even that would be easier to work around than it is now as anti-spam
databases could be set up to quickly react to spammer email addresses in
the same way that DNSBLs are set up now for spammer IP addresses, but with
more precision, and more accuracy, since you could *know* that the spammer
email address is authentic.

Paul VPOP3 - Internet Email Server/Gateway
support(_at_)pscs(_dot_)co(_dot_)uk http://www.pscs.co.uk/
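
The two-link 'chain of trust' check described in the message above, sketched as an added example that is not part of the original post and does not implement any real protocol. The authorisation table, the blocklists, the sample messages and the `X-Submitter-Check` header name are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# All tables, addresses and the header name are constructed for this example.
AUTHORISED_SERVERS = {                      # domain -> servers allowed to send for it
    "example.com": {"192.0.2.10"},
    "freemail.example": {"198.51.100.7"},
    "careless.example": {"198.51.100.9"},
}
BLOCKED_ADDRESSES = {"bulk@freemail.example"}   # per-address list, like a DNSBL
BLOCKED_DOMAINS = {"careless.example"}          # domain caught faking submitter details

def evaluate(raw_message, connecting_ip):
    """Return a verdict string for one message handed over by connecting_ip."""
    msg = message_from_string(raw_message)
    address = parseaddr(msg.get("From", ""))[1].lower()
    domain = address.rpartition("@")[2]
    # Link 1: was this server allowed to send mail for the claimed domain?
    if connecting_ip not in AUTHORISED_SERVERS.get(domain, set()):
        return "reject: server not authorised for domain"
    # The domain is now known not to be faked, so blocking by name is safe.
    if domain in BLOCKED_DOMAINS:
        return "reject: domain blocklisted"
    if address in BLOCKED_ADDRESSES:
        return "reject: address blocklisted"
    # Link 2: what did that server record about whoever gave it the message?
    check = msg.get("X-Submitter-Check")    # hypothetical metadata header
    if not check:
        return "accept: domain verified, submitter check not recorded"
    return "accept: domain verified, submitter check: " + check

# Constructed sample messages.
GENUINE = "From: Bill <bill@example.com>\nX-Submitter-Check: smtp-auth user=bill\n\nhi\n"
BULK = "From: bulk@freemail.example\nX-Submitter-Check: webform\n\nbuy\n"
NO_RECORD = "From: ann@example.com\n\nhello\n"

if __name__ == "__main__":
    for raw, ip in [(GENUINE, "192.0.2.10"), (GENUINE, "203.0.113.5"),
                    (BULK, "198.51.100.7"), (NO_RECORD, "192.0.2.10")]:
        print(ip, "->", evaluate(raw, ip))
```

The blocklist lookups run only after the server-authorisation check has passed, which is the point the message makes: a name-based list is only reliable once the domain is known not to be forged.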