spf-discuss

Re: cost comparison of Caller-ID, DK, and SPF

2004-02-25 12:24:43
In 
<1077735777(_dot_)7826(_dot_)839(_dot_)camel(_at_)hades(_dot_)cambridge(_dot_)redhat(_dot_)com>
 David Woodhouse <dwmw2(_at_)infradead(_dot_)org> writes:

> On Wed, 2004-02-25 at 12:39 -0600, wayne wrote:
>> But mailing lists mangle the email body some.  And spammers morph
>> their spam some.  I don't see any obvious ways to distinguish these
>> two cases.  Especially when you consider the number of weird and/or
>> broken mailing list software out there and the fact that spammers will
>> actively try and make their spam indistinguishable from mailing list
>> mangling.

> I'm very confused by this. [...]

> It's not clear to me how a spammer could send a mail which contains
> _your_ 40-odd lines, intact and still matching the strong cryptographic
> signature, but which is sufficiently modified to be useful as spam.

Many mailing lists add advertisements at the bottom.  Replace these
short ads with their own and spew their ads to their list of email
addresses.

Individuals are used to seeing these ads in a different color because
they subscribe to mailing lists.  They don't understand what the
different color means.  They are likely to be fooled by the spam.

Or, you get a signed copy of an eBay email (easy to do), and postfix
it with a short phishing URL/message.  Send it to everyone, and it
looks secure to most people.


> And even if they _did_, my MUA could be configured not to _show_ the
> added text unless I explicitly ask it to for this particular mail.

Uh, first, you are now talking about updating MUAs in order for this
DK-like thing to work.  That is going to happen *FAR* slower than MTAs
being updated.

Second, people aren't going to turn the mailing list trailers off
because they often provide useful information, like how to unsubscribe
and where the archives are.


> Bear in mind that the list software or the MTA _could_ be updated to
> sign the _whole_ message, footers and all.

Right, which gets back to Justin Mason's original point:  DK
requires changes to mailing lists.


>> There is also the replay problem

> Which is of limited use if they _have_ to replay with the same message
> body, and the additions are immediately identifiable and hence
> discardable.

No, I'm talking about a spammer signing up with a Yahoo account, and
sending their spam for their spam run to themselves.  They then have a
copy of their spam signed with Yahoo's domainkey, and they can then
send this to everyone.  

>> Mailing lists send the same email to many people.  Spammers send the
>> same spam to many people.  [...]

> There is no distinction, surely? The aim is merely to ensure that the
> spammer cannot easily pretend to be someone other than who they really
> are, and neither can the poster to the mailing list.

Most people are strangers to you.  There is very little value in being
able to say "yeah, this person who I know nothing about is not the
same as this other person I know nothing about."  If you look at email
from strangers, such as posters to many mailing lists, then you will
look at spammers' email also.


-wayne
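The two properties argued over in this thread, that a whole-message signature breaks as soon as a list footer is appended, and that a valid signature proves origin but says nothing about how many copies of the same signed message are in flight, can be seen in a small simulation. The code below is an added example, not part of the original post or of DomainKeys itself: it stands in for the domain's DK key with a constructed HMAC secret (real DK used RSA over headers and body), and the message, footer, and delivery threshold are constructed sample data. The `ReplayTracker` is one defender-side mitigation for the replay case, counting deliveries per signature; it is an illustration, not a description of any deployed system.

```python
"""Added example (not from the original thread): a toy DK-style body
signature used to show (1) footer appending breaks a whole-body signature
and (2) an unmodified signed copy verifies every time it is replayed, so
the receiver needs a check beyond signature verification.

Assumptions: DOMAIN_KEY is a constructed HMAC secret standing in for the
signing domain's private key; real DK/DKIM signers use RSA and also cover
selected headers. All message text is constructed sample data.
"""
import hashlib
import hmac
from collections import Counter

# Constructed stand-in for the signing domain's private key.
DOMAIN_KEY = b"example-signing-key"
# Constructed threshold: how many deliveries of one signed message a receiver
# tolerates before treating further copies as a replay.
MAX_DELIVERIES_PER_SIGNATURE = 3


def sign_body(body: str) -> str:
    """Signature over the full message body, footers included."""
    return hmac.new(DOMAIN_KEY, body.encode(), hashlib.sha256).hexdigest()


def verify_body(body: str, signature: str) -> bool:
    """True only if the body is byte-for-byte what the signer saw."""
    return hmac.compare_digest(sign_body(body), signature)


class ReplayTracker:
    """Receiver-side check: a valid signature proves origin, not uniqueness.

    Counting deliveries per signature flags the case the thread describes,
    where one legitimately signed message is resent to many recipients."""

    def __init__(self, limit: int = MAX_DELIVERIES_PER_SIGNATURE):
        self.limit = limit
        self.seen = Counter()

    def deliver(self, body: str, signature: str) -> str:
        if not verify_body(body, signature):
            return "reject: bad signature"
        self.seen[signature] += 1
        if self.seen[signature] > self.limit:
            return "flag: replayed signed message"
        return "accept"


def demo() -> dict:
    """Run both scenarios and return the observable results."""
    original = "Hello list,\nhere are my 40-odd lines of discussion.\n"
    sig = sign_body(original)
    results = {}

    # 1. A list appends its trailer after the author signed. The signature no
    #    longer matches, which is why whole-message signing forces the list
    #    software (or its MTA) to re-sign the message.
    with_footer = original + "--\nList info and unsubscribe instructions\n"
    results["footer_appended"] = verify_body(with_footer, sig)

    # 2. Replay: the unmodified copy verifies on every delivery, regardless of
    #    recipient. Only the per-signature count makes the fifth copy stand out.
    tracker = ReplayTracker()
    results["deliveries"] = [tracker.deliver(original, sig) for _ in range(5)]
    return results


if __name__ == "__main__":
    print(demo())
```

The key observation from running it is that neither outcome depends on the signature algorithm: any scheme that binds the signer to the exact body will reject the footer case and accept the replay case, so the replay problem has to be handled by the receiver with state (counts, seen-signature caches, rate limits) rather than by stronger cryptography.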