IETF Logo Mail Archive

Re: [Asrg] seeking comments on new RMX article

Damian Gerow <damian@sentex.net> Tue, 06 May 2003 15:51 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA26862 for <asrg-archive@odin.ietf.org>; Tue, 6 May 2003 11:51:02 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h46FxZr02445 for asrg-archive@odin.ietf.org; Tue, 6 May 2003 11:59:35 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46FxZ802442 for <asrg-web-archive@optimus.ietf.org>; Tue, 6 May 2003 11:59:35 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA26844; Tue, 6 May 2003 11:50:32 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19D4k9-00006B-00; Tue, 06 May 2003 11:52:37 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19D4k9-000068-00; Tue, 06 May 2003 11:52:37 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46FrP802121; Tue, 6 May 2003 11:53:25 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46FnW801917 for <asrg@optimus.ietf.org>; Tue, 6 May 2003 11:49:32 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA26578 for <asrg@ietf.org>; Tue, 6 May 2003 11:40:29 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19D4aQ-00002T-00 for asrg@ietf.org; Tue, 06 May 2003 11:42:35 -0400
Received: from pyroxene.sentex.ca ([199.212.134.18]) by ietf-mx with esmtp (Exim 4.12) id 19D4aP-00002I-00 for asrg@ietf.org; Tue, 06 May 2003 11:42:34 -0400
Received: from pegmatite.sentex.ca (pegmatite.sentex.ca [192.168.42.92]) by pyroxene.sentex.ca (8.12.9/8.12.8) with ESMTP id h46Fgm8C085246 for <asrg@ietf.org>; Tue, 6 May 2003 11:42:49 -0400 (EDT) (envelope-from damian@sentex.net)
Received: by pegmatite.sentex.ca (Postfix, from userid 1001) id EF03B1708B; Tue, 6 May 2003 11:42:47 -0400 (EDT)
From: Damian Gerow <damian@sentex.net>
To: asrg@ietf.org
Subject: Re: [Asrg] seeking comments on new RMX article
Message-ID: <20030506154247.GF777@sentex.net>
Mail-Followup-To: asrg@ietf.org
References: <Pine.LNX.4.44.0305051946590.11255-100000@tamale.caltech.edu> <200305060550.h465olHn011387@calcite.rhyolite.com> <2335175049.20030506075958@brandenburg.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="llIrKcgUOe3dCx0c"
Content-Disposition: inline
In-Reply-To: <2335175049.20030506075958@brandenburg.com>
X-GPG-Key-Id: 0xB841F142
X-GPG-Fingerprint: C7C1 E1D1 EC06 7C86 AF7C 57E6 173D 9CF6 B841 F142
X-Habeas-SWE-1: winter into spring
X-Habeas-SWE-2: brightly anticipated
X-Habeas-SWE-3: like Habeas SWE (tm)
X-Habeas-SWE-4: Copyright 2002 Habeas (tm)
X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this
X-Habeas-SWE-6: email in exchange for a license for this Habeas
X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant
X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this
X-Habeas-SWE-9: mark in spam to <http://www.habeas.com/report/>.
User-Agent: Mutt/1.5.4i
X-Virus-Scanned: By Sentex Communications (lava/20020517)
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 06 May 2003 11:42:47 -0400

I've kept fairly quiet (list volume has kept me falling behind almost
consistantly), but I'll stick my head in here.

Thus spake Dave Crocker (dhc@dcrocker.net) [06/05/03 11:21]:
> ps.  It strikes me that the RMX proposal is conceptually similar to the
> old IDENT specification which purported to offer wonderful security but
> was soundly rejected by the security community.

The big difference is that IDENT is a per-user authentication mechanism,
where as RMX is a per-domain authentication mechanism.  IDENT gave you the
ability to figure out which users were on a system.  RMX just tells you the
outbound MX for a domain.  I don't see the massive security concerns.

Being somewhat security-conscious, I /do/ see /small/ problems with the RMX
record, specifically when talking about things like mixmaster.  But the easy
workaround is that mixmaster's either shouldn't use RMX, or should use RMX
on the inbound (I haven't played seriously with the project, so my concept
could be way off, but if they verify that mail coming in to the network is
valid, then in turn, mail going out of the network remains valid, and is
still anonymous.  However, it does add a point of concern to inbound mail,
but I don't believe it to be massive.  If you wish to debate this point,
mail me directly -- my ears are opened to corrections).  Anonymous remailers
could set up their RMX to be 0/0.

So then spammers move to using mixmasters to send their mail.  Well, short
of legislation, I don't see any way to identify the valid source of spam
once it gets in to a mixmaster setup.

So all that really happens is that things like open relays and open proxies
become less and less valuable, and anonymous remailers become infinitely
more popular.  However, they are no more /valuable/ than they are right now
-- the provide the same service, they do the same thing.

v2.23.0 | Report a Bug | By Email