spf-discuss

Re: SRS in .forward and reversing in /etc/aliases

2004-02-18 10:12:08
On Wed, Feb 18, 2004 at 03:33:21PM +0000, Shevek wrote:
On Wed, 18 Feb 2004 mw-list-spf-discuss(_at_)csi(_dot_)hu wrote:

On Tue, Feb 17, 2004 at 06:49:32PM -0500, Meng Weng Wong wrote:
On Tue, Feb 17, 2004 at 09:26:57AM -0600, mw-list-spf-discuss(_at_)csi(_dot_)hu wrote:
| But why not focus on the really fundamental problems:  
| 
| 1) How do you propose to handle users' forwarding from .forward or
|    .qmail files (as opposed to relaying)?

.forward before: final(_at_)destination(_dot_)com
.forward after:  "|/usr/bin/srs --secret=/etc/srs.secret final(_at_)destination(_dot_)com"

What if destination.com is hosted on the same server?

This does not affect SRS at all.

Do you mean that srs has to be used in case of all forwarding?
Or do you expect the user to know where a particular domain is hosted?


Each user will handle (know?) the secrets?  

In this particular instantiation, yes. It may be possible to create an SRS
wrapper which knows the secret, but which is not readable to the user. The
user generally gains nothing from either knowing or selling the secret, so
this probably isn't important.

Are you relying on users not to sell the secret for $1000 to a
spammer?  Are you relying on users for implementing/keeping security?

 (Since it's inevitably going to be asked:)
If the user is a spammer, then ... why do you have a spammer as a user?
Throw him off.

After the server was already used for relaying spam.  Spammers already
expect this treatment---means nothing to them.


| 2) How do you propose to handle SRS in case of multiple incoming and
|    outgoing servers?

Each server has to know the SRS secret(s).

What if the two MX's for a domain are on two different companies'
servers?  Should they trust each other with the secrets?

If either of your company MX servers is malicious, you are in deep shit. 
If neither of them is malicious, you might as well give them the secret. 
It's not like it has particular monetary value.

I guess here you mean that if I decide on two MX's for my domain, then
_I_ will give them a set of secrets.  In other words, each domain is
supposed to have its own set of secrets.  The problems are then twofold:

1) The two MX's have to trust you for giving them a correct set of
secrets, and that you will not sell these secrets.  And they also have
to live with the fact that if your secret is exposed on one MX, the
other becomes vulnerable to spamming too.  Do you think two unrelated
companies are willing to take this risk?

2) If a server is an MX for 100K domains, then it would have to deal
with millions of secrets. Is this something servers can easily handle?
How?

Mate
-- 
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis  
Please avoid sending me Word or PowerPoint attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html