Re: [Asrg] Too Big to Block?

der Mouse <mouse@Rodents-Montreal.ORG> Thu, 09 July 2009 16:04 UTC

Return-Path: <mouse@Sparkle.Rodents-Montreal.ORG>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A664E3A6AA7 for <asrg@core3.amsl.com>; Thu, 9 Jul 2009 09:04:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.572
X-Spam-Level:
X-Spam-Status: No, score=-9.572 tagged_above=-999 required=5 tests=[AWL=0.416, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pbrLQuSyYjuV for <asrg@core3.amsl.com>; Thu, 9 Jul 2009 09:04:21 -0700 (PDT)
Received: from Sparkle.Rodents-Montreal.ORG (Sparkle.Rodents-Montreal.ORG [216.46.5.7]) by core3.amsl.com (Postfix) with ESMTP id 348433A6C6B for <asrg@irtf.org>; Thu, 9 Jul 2009 09:04:19 -0700 (PDT)
Received: (from mouse@localhost) by Sparkle.Rodents-Montreal.ORG (8.8.8/8.8.8) id MAA25275; Thu, 9 Jul 2009 12:04:28 -0400 (EDT)
From: der Mouse <mouse@Rodents-Montreal.ORG>
Message-Id: <200907091604.MAA25275@Sparkle.Rodents-Montreal.ORG>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Erik-Conspiracy: There is no Conspiracy - and if there were I wouldn't be part of it anyway.
X-Message-Flag: Microsoft: the company who gave us the botnet zombies.
Date: Thu, 9 Jul 2009 11:45:06 -0400 (EDT)
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
In-Reply-To: <20090709152717.GO15652@verdi>
References: <4A41E506.2010106@mines-paristech.fr> <20090624160052.B5DC62428A@panix5.panix.com> <4A426B9D.7090901@mines-paristech.fr> <4A43618A.6000205@tana.it> <4A4F7DD0.4040404@billmail.scconsult.com> <4A51D35E.70306@tana.it> <4A52C36D.6040207@billmail.scconsult.com> <20090708141747.GA2822@gsp.org> <20090708155704.GN15652@verdi> <20090709120305.GC26436@gsp.org> <20090709152717.GO15652@verdi>
Subject: Re: [Asrg] Too Big to Block?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jul 2009 16:04:22 -0000

>>> The introduction of reputation services [...]
>> We already have blacklists,
> Blacklists are, at most, one-bit reputiation services (which nobody
> would pay "two-bits" for).

At work (an ISP) we're paying substantially more than two bits for
access to a blacklist.  We find it worth it.

>> Epostage is dead-on-arrival for a number of reasons, including "a
>> hundred million zombies".
> A hundred million zombies aren't enough to guess strong password
> encryption

The point is not the zombies attacking the crypto.  The point is
zombies (ab)using their machines' legitimate owners' epostage.

> Making ePostage work is clearly possible in an environment of [...]

Quite possibly.  Are such environments common enough to matter?

I don't think anyone's claiming epostage doesn't have even a niche
place.  But so far it doesn't seem to have more than that.  People keep
claiming it does, but the proof (ie, the example) is, so far, lacking.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B