Re: [spf-discuss] SPF, DKIM, and NIH
2009-10-16 11:11:48
Ian Eiloart wrote:
> --On 14 October 2009 15:08:15 -0700 David MacQuigg
> <macquigg(_at_)ece(_dot_)arizona(_dot_)edu> wrote:
>
>> OK, I think I understand now what you mean by "sender". Sender
>> (individual author) addresses are worthless to identify bad senders.
>> See above.
>
> That's simply not my experience. I've seen spear phishing attacks from
> gmail accounts that are listed on blacklists. The blacklisting of
> sender addresses does have value to me.

I wasn't aware of any blacklists of individual sender addresses. I
would like to give it a try. Where can I find one?

> But, there's a bigger picture here. I'd like to rate-limit new senders
> that haven't earned a good reputation. I can do that for individual
> gmail users, but can't apply the same rate limit to all gmail users.

I would rather not try to separate good from bad within Gmail. That is
really Gmail's responsibility. I just rate the entire mailflow from
Gmail to our receivers. Whitelisting of individual Gmail authors can be
done by our individual recipients.

> Therefore, I need a reputation system that allows me to key on sender
> addresses. However, to do that, I need some sort of assurance that the
> author address hasn't been spoofed.

Without having some kind of worldwide individual identity system, it
just can't be done. You will always have to rely on the mail submission
agent (MSA) to verify its user accounts. Some are strict, and have no
spammers among their users. Others, like Gmail, are more concerned
about getting new accounts. We need to make the cost of that decision
higher than the cost of losing a few legitimate accounts when new
subscribers find it inconvenient to provide strong individual
identification to their MSAs. We can do that by holding the MSA
responsible.

A global individual ID system will also have major problems with privacy
and anonymity issues. Organizations operating Internet transmitters
have no legitimate reason to hide their identity.

A reliance on individual IDs will also produce a weak reputation
system. There are far too many IDs to keep track of, and the data for
each one is too sparse. Reputation is best accumulated at the highest
level which still has some authority over its domain. az.us is too
high. Nobody in Arizona can control what all the domains do.
(Theoretically they could, but there is no actual delegation of
authority to az.us (no SOA record).) We have chosen pima.az.us as the
optimum level. Pima county can enforce standards for anyone operating a
transmitter under their name.

-- Dave
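
The two keying choices argued in this message, shown as an added example that is not part of the original post: reputation accumulated per authenticated domain versus per author within a domain, with a low rate limit for keys that have no history. The function names, thresholds, sample messages and history counts are constructed assumptions, and "authenticated domain" is simplified to one domain that passed SPF or DKIM.

```python
from collections import Counter

# Constructed thresholds; the thread gives no numbers.
NEW_KEY_LIMIT = 3       # messages per window for a key with no earned reputation
TRUSTED_LIMIT = 1000    # messages per window for a key with good history
MIN_GOOD_HISTORY = 50   # previously accepted messages needed to count as reputable

def reputation_key(author, auth_domain, per_author_domains=frozenset()):
    """Choose the identity that reputation is accumulated on (hypothetical helper).

    author: From address, unverified on its own.
    auth_domain: domain that passed SPF or DKIM for this message, or None.
    per_author_domains: domains for which the receiver keys on individual authors.
    """
    if auth_domain is None:
        return "unauthenticated"  # a spoofable address earns and inherits nothing
    auth_domain = auth_domain.lower()
    author_domain = author.rsplit("@", 1)[-1].lower()
    if auth_domain == author_domain and auth_domain in per_author_domains:
        return "author:" + author.lower()
    return "domain:" + auth_domain

def throttle(messages, history, per_author_domains=frozenset()):
    """Return (key, allowed) for each message in one rate-limit window."""
    seen = Counter()
    decisions = []
    for author, auth_domain in messages:
        key = reputation_key(author, auth_domain, per_author_domains)
        limit = TRUSTED_LIMIT if history.get(key, 0) >= MIN_GOOD_HISTORY else NEW_KEY_LIMIT
        seen[key] += 1
        decisions.append((key, seen[key] <= limit))
    return decisions

# Constructed sample: (From address, domain that passed SPF/DKIM or None).
SAMPLE = (
    [("alice@mail.example", "mail.example")] * 2
    + [("newbie@mail.example", "mail.example")] * 5
    + [("alice@mail.example", None)] * 4   # same address, nothing authenticated
)
# Constructed history of previously accepted messages per key.
HISTORY = {"domain:mail.example": 10000, "author:alice@mail.example": 200}

if __name__ == "__main__":
    for label, domains in (("per-domain", frozenset()), ("per-author", {"mail.example"})):
        print(label)
        for key, ok in throttle(SAMPLE, HISTORY, domains):
            print("  ", key, "accept" if ok else "defer")
```

With per-domain keys the new author rides on the domain's accumulated reputation; with per-author keys the new author is throttled after three messages, and in both modes the unauthenticated copies of a reputable address get only the new-key limit.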