Re: [Asrg] EPOSTAGE Too Big to Block?

John Levine <johnl@taugh.com> Fri, 10 July 2009 00:44 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 799FB3A6B1E for <asrg@core3.amsl.com>; Thu, 9 Jul 2009 17:44:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -19.164
X-Spam-Level:
X-Spam-Status: No, score=-19.164 tagged_above=-999 required=5 tests=[AWL=0.035, BAYES_00=-2.599, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IGQmIdamDE52 for <asrg@core3.amsl.com>; Thu, 9 Jul 2009 17:44:22 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [208.31.42.53]) by core3.amsl.com (Postfix) with ESMTP id A65D83A6B71 for <asrg@irtf.org>; Thu, 9 Jul 2009 17:43:56 -0700 (PDT)
Received: (qmail 40468 invoked from network); 10 Jul 2009 00:44:23 -0000
Received: from mail1.iecc.com (208.31.42.56) by mail1.iecc.com with QMQP; 10 Jul 2009 00:44:23 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding; s=k0907; olt=johnl@user.iecc.com; bh=dVeC3hIBsIzgS4l5vQSVQ7FP/7Hn96qVfSTsZSFZo1U=; b=L8xuUt1BfpOCvMNhAx5ze/yrJkB8ktJ6n3kzAC2VpjicjJTy3X271hFHHMGFfZZB3q2JznI/NnxtPiG2zZjJIiI90kfLzJ9kIKIU+lLHd9Z2ucC3rwjScQOQp292ryM/NbbPjVK2IW4ckiFCtgTN8Wq09Qnfm0LpMbHfAvRvrls=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding; s=k0907; bh=dVeC3hIBsIzgS4l5vQSVQ7FP/7Hn96qVfSTsZSFZo1U=; b=uKeZ9LCemDVaCKChkHf3TCna9/GSTjEY7AOu1HnbGStkkktAsd9AFzN4Z0eP+3RfSJgM3pbkVKXZUoD2W3P8Hf8x5I5V3nZbL7lFCm77p6DoECIMiUYrcsjsAIA6MkW3j2+MTGpM1mF52/83LBRMOHuUoTb6UW7Swblhta71cdM=
Date: 10 Jul 2009 00:44:23 -0000
Message-ID: <20090710004423.35119.qmail@simone.iecc.com>
From: John Levine <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <20090709173627.GP15652@verdi>
Organization:
Cc:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] EPOSTAGE Too Big to Block?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jul 2009 00:44:23 -0000

Please remember the rule about labelling EPOSTAGE messages.

>> The point is not the zombies attacking the crypto.  The point is
>> zombies (ab)using their machines' legitimate owners' epostage.
>
>   This is a problem why?

It destroys epostage's credibility to potential users.  Please see my
white paper.

>> Quite possibly.  Are such environments common enough to matter?
>   I can imagine them... Why couldn't they be common?

Ahem.  I can imagine flying hippopotami, too.

>> place.  But so far it doesn't seem to have more than that.  People keep
>> claiming it does, but the proof (ie, the example) is, so far, lacking.
>
>   Hmm... sounds like a good "research" project...

Right.  Have at it.

R's,
John