spf-discuss

Re: verifying the message instead of just its path

2004-01-20 21:11:07
On Tue, Jan 20, 2004 at 10:03:11PM -0600, Thor Kooda wrote:
| 
| Wouldn't a system that just used public key crypto to verify messages 
| avoid any issues with the smtp envelope sender and forwarding?
| 
| I understand that SPF (and friends) are more geared towards authorizing 
| the path of a message, and not the message itself, but I think there is
| some merit in combining the two..
| 

You are drawing a distinction between sender and author.

I have thought a little bit about this.  The following are some notes to
myself.  There is an important dichotomy in email.  To illustrate the
dichotomy, here are some concepts, divided into two groups:

- envelope sender
- when forged, bounces happen
- needs to be protected from joe-jobs
- read by machine
- easiest way to authenticate is IP
- responsible for the conduit of the message
- sender accreditation based on sender policies: opt-out
  AUP, hashcash, etc.
- reputation systems judge senders based on quality of
  accreditation, contents of accreditation, and identity

- header From: (or Sender:)
- when forged, phishing happens
- needs to be protected from trademark infringement
- read by human
- easiest way to authenticate is crypto signature
- responsible for the content of the message
- author accreditation based on content: if the message is
  verified to be from ebay.com you know you can click on a
  link and it won't take you to a porn site.
- reputation systems judge authors based on choice of (maybe
  outsourced) senders and their policies, on contents of
  message, and identity

The distinction is important because a legitimate company
may outsource its customer communications to a third party
bulk mail provider.

The legitimate company authors messages, but the bulk mail
provider sends them, in the same way that a mailing list
subscriber authors messages, but a mailing list manager
sends them.  Buy.com doesn't want to handle bounce messages:
it outsources sending to rm04.net.

A provider should be able to provide bulk mail sending
services without regard to author segmentation.  A bulk
mail provider that delivers legitimate press releases from
whitehouse.gov to news desks should be able to deliver
legitimate penis extension specials from whitehouse.com to
consenting adult customers, without interference.

Therefore a sender should be judged by fundamentally
different criteria than an author.

| 
| A simple, un-intrusive hash+pubkey system could be used to verify that 
| messages really did come from where they appear to have come from.

This is more or less domainkeys.  Yahoo needs to publish a spec for it.
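The two-identity model this reply lays out, as an added example that is not from the list or its author: an SPF-style path check on the envelope sender sits beside a DomainKeys-style signature check on the header From:, each giving its own verdict. The sender policies, the buy.com/rm04.net message and the toy RSA key pair are constructed stand-ins; real DomainKeys keys are far larger.

```python
import hashlib
import ipaddress

# Constructed stand-in for SPF-style sender policies: which networks may use a
# domain as envelope sender (MAIL FROM). rm04.net is buy.com's outsourced sender.
SENDER_POLICY = {
    "rm04.net": ["192.0.2.0/24"],
    "buy.com": ["198.51.100.0/24"],
}

# Constructed toy RSA key pair for buy.com. Only (n, e) would be published
# (in DNS, as DomainKeys proposes); d stays with the author. Real keys are
# far larger; these numbers only show that verifying needs the public half.
N, E, _PRIVATE_D = 3233, 17, 2753          # n = 61*53, e*d == 1 mod 3120
AUTHOR_PUBKEY = {"buy.com": (N, E)}

def _digest(headers, body):
    """Hash the signed headers and body into the toy key's message space."""
    canon = "\n".join(f"{k}:{v}" for k, v in sorted(headers.items())) + "\n" + body
    return int.from_bytes(hashlib.sha256(canon.encode()).digest(), "big") % N

def sign(headers, body, d=_PRIVATE_D, n=N):
    """Author-side signing; the receiver never needs d."""
    return pow(_digest(headers, body), d, n)

def check_sender(envelope_from, client_ip):
    """Path check: is the connecting IP authorized for the envelope sender's domain?"""
    domain = envelope_from.rsplit("@", 1)[-1]
    ip = ipaddress.ip_address(client_ip)
    return any(ip in ipaddress.ip_network(net) for net in SENDER_POLICY.get(domain, []))

def check_author(headers, body, signature):
    """Author check: does the From: domain's published key verify the signature?"""
    domain = headers["From"].rsplit("@", 1)[-1]
    if domain not in AUTHOR_PUBKEY:
        return False
    n, e = AUTHOR_PUBKEY[domain]
    return pow(signature, e, n) == _digest(headers, body)

def verdicts(envelope_from, client_ip, headers, body, signature):
    """Keep the two verdicts separate: a sender is judged by its path, an author by its signature."""
    return {"sender": check_sender(envelope_from, client_ip),
            "author": check_author(headers, body, signature)}

if __name__ == "__main__":
    hdrs = {"From": "offers@buy.com", "Subject": "Weekly specials"}
    body = "See this week's offers."
    sig = sign(hdrs, body)
    # Legitimate outsourced mail: rm04.net owns the envelope, buy.com signs the content.
    print(verdicts("bounces@rm04.net", "192.0.2.10", hdrs, body, sig))
    # Joe-job: buy.com's name on the envelope from an unauthorized host, content altered.
    print(verdicts("offers@buy.com", "203.0.113.7", hdrs, body + " Click here.", sig))
```

A forwarder changes the path verdict but not the author verdict, which is the separation the reply argues for.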

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt