spf-discuss

RE: Re: FYI: Return Path Rewriting (RPR) - Mail Forwarding in the Spam Age

2004-12-07 14:10:01
From: Hannah Schroeter
Sent: Tuesday, December 07, 2004 2:13 PM


Hello!

On Wed, Dec 01, 2004 at 11:48:31PM +0100, Frank Ellermann wrote:
william@elan.net wrote:

For those of you collecting SPF-related links:
 http://www.roe.ch/spam/return-path-rewriting.xml

Interesting, but not exactly what Hannah needs for her millions
of domains if I got it right:  It works for addresses up to 40
characters (incl. "@" replaced by "_").

I haven't counted. SRS0 adds only 13 characters, allowing for 51
characters for the original address (including its '@', which is changed
to a '=', together with the order reversal), so SRS0 seems to be less
bad with that.

SRS0 requires the sending domain to be included twice, so the amount of
local-part taken up by the signature is dependent on the length of the
original domain.  Though few domains take advantage of the full length
allowed, this can be 255-characters.  More typical for this use is an SRS0
address like the following from Stuart Gathman (I hope he doesn't mind):

SRS0=cAp/t=OT=gathman.org=stuart@fairfax.gathman.org

In this particular case, the SRS0 signature added 26 characters.  As a
comparison, an SES signature takes around 30 characters for a domain with
100Gbps validation server bandwidth (yes, the 100Gbps is not a typo), 30-day
signature expiration time and the chosen text attack must not be feasible
for an attacker with a zombie army of 10^6 zombies that can each perform
10^7 HMAC-SHA1's/second 24 hours a day for the full signature lifetime.
These two signatures are not comparable, though they are similar length,
since the SRS0 signature has nowhere near this level of security, is
vulnerable to replay attack and still allows forged forwards from a valid,
throw-away domain to claim your domain as originator.  The set of
assumptions used to get the SES signature length of 30 characters is
extremely conservative and obviously is far more than most sites need,
though it may come close to describing your site's needs.  If your site has
less resources, shorter signature lifetime or doesn't feel an attacker can
have that many full-time zombies (I don't think an attack of this scale has
ever been sustained for close to the time required), you can use a shorter
SES signature.  Also, if your site is willing to accept the level of
security offered by the typical SRS0 signature above, something I wouldn't
personally recommend, then the SES signature can be _much_ shorter.  In
contrast to using SRS0 for this purpose, an SES signature is the same length
regardless of the length of the original domain name.

--

Seth Goodman
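The length comparison above, worked through in code. This is an added example and is not code from Seth Goodman, from Stuart Gathman, or from the SRS or SES projects. It follows the SRS0 local-part layout discussed in the thread (SRS0=HHH=TT=orig-domain=orig-local@forwarder) with a constructed secret key and a configurable hash length; the "origin-signed" address is a stand-in of my own (the SIG= prefix is not the real SES syntax) that only shows why a signature applied by the originating domain does not grow with the domain name; and the sizing helper is a plain work-factor calculation under its own assumptions (6 bits per character, a 2^32 safety margin), not a reproduction of the 30-character figure quoted in the post. The verifier also shows the timestamp window that limits replay of an SRS0 address.

```python
import base64
import hashlib
import hmac

# Constructed key for this example only; a real forwarder uses a long random secret.
SECRET = b"constructed-example-key"
BASE32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"


def srs_timestamp(day: int) -> str:
    """Two base32 characters encoding the day number mod 1024 (the SRS 'TT' field)."""
    d = day % 1024
    return BASE32[(d >> 5) & 31] + BASE32[d & 31]


def srs_timestamp_decode(tt: str) -> int:
    return (BASE32.index(tt[0]) << 5) | BASE32.index(tt[1])


def srs_hash(ts: str, domain: str, local: str, hash_len: int) -> str:
    """Keyed hash over timestamp, original domain and local-part, truncated (the 'HHH' field).
    The hash length is a parameter here; implementations pick their own default."""
    mac = hmac.new(SECRET, (ts + domain.lower() + local).encode(), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()[:hash_len]


def srs0_rewrite(sender: str, forwarder: str, day: int, hash_len: int = 4) -> str:
    """Forwarder-side rewrite: SRS0=HHH=TT=orig-domain=orig-local@forwarder-domain.
    The original domain is carried in the local-part, so the overhead grows with it."""
    local, domain = sender.rsplit("@", 1)
    ts = srs_timestamp(day)
    return f"SRS0={srs_hash(ts, domain, local, hash_len)}={ts}={domain}={local}@{forwarder}"


def srs0_verify(addr: str, today: int, max_age_days: int = 21) -> bool:
    """Bounce-side check: the hash must match and the timestamp must fall inside the window,
    which is what bounds replay of a captured SRS0 address."""
    local, _ = addr.rsplit("@", 1)
    try:
        tag, h, ts, domain, orig_local = local.split("=", 4)
    except ValueError:
        return False
    if tag != "SRS0" or len(ts) != 2 or any(c not in BASE32 for c in ts):
        return False
    age = (today - srs_timestamp_decode(ts)) % 1024  # future stamps wrap to a large age
    if age > max_age_days:
        return False
    expected = srs_hash(ts, domain, orig_local, len(h))
    return hmac.compare_digest(expected.encode(), h.encode())


def origin_signed_sender(sender: str, day: int, sig_len: int = 30) -> str:
    """Stand-in for an address signed by the originating domain itself (NOT the real SES
    syntax): the domain stays where it was, so nothing in the local-part repeats it and
    the overhead is sig_len plus the timestamp and separators, whatever the domain length."""
    local, domain = sender.rsplit("@", 1)
    ts = srs_timestamp(day)
    mac = hmac.new(SECRET, (ts + local).encode(), hashlib.sha256).digest()
    sig = base64.b64encode(mac).decode()[:sig_len]
    return f"SIG={sig}={ts}={local}@{domain}"


def local_part_overhead(original: str, rewritten: str) -> int:
    """Local-part characters the rewrite adds beyond the original local-part
    (the way the post counts 26 for SRS0=cAp/t=OT=gathman.org=)."""
    orig_local, _ = original.rsplit("@", 1)
    new_local, _ = rewritten.rsplit("@", 1)
    return len(new_local) - len(orig_local)


def brute_force_guesses(zombies: int, hmac_per_sec: int, lifetime_seconds: int) -> int:
    """Total tag guesses an attacker can compute over the signature lifetime."""
    return zombies * hmac_per_sec * lifetime_seconds


def tag_chars_needed(guesses: int, bits_per_char: int = 6, margin_bits: int = 32) -> int:
    """Smallest tag length whose space exceeds the guess budget by 2^margin_bits.
    Assumes base64-style characters (6 bits each); the margin is this example's choice."""
    bits = guesses.bit_length() + margin_bits
    return -(-bits // bits_per_char)  # ceiling division


if __name__ == "__main__":
    # Constructed inputs modelled on the address quoted in the post.
    sender, forwarder = "stuart@gathman.org", "fairfax.gathman.org"
    srs = srs0_rewrite(sender, forwarder, day=100, hash_len=5)
    print(srs, local_part_overhead(sender, srs))
    long_sender = "a@" + "x" * 200 + ".example"
    print(local_part_overhead(long_sender, srs0_rewrite(long_sender, forwarder, 100, 5)))
    print(local_part_overhead(long_sender, origin_signed_sender(long_sender, 100, 30)))
    budget = brute_force_guesses(10**6, 10**7, 30 * 86400)
    print(budget.bit_length(), tag_chars_needed(budget))
```

Running it shows the SRS0 overhead moving from 26 characters for gathman.org to over 200 for a long domain while the origin-signed stand-in stays at a constant 38, and that the post's zombie-army budget amounts to roughly 2^65 guesses, which under this example's own margin needs a 17-character base64 tag. The verifier rejects the same address once its timestamp falls outside the window, which is the only thing bounding replay of an SRS0 address.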