Re: [Asrg] Too Big to Block?

der Mouse <mouse@Rodents-Montreal.ORG> Thu, 09 July 2009 18:21 UTC

Return-Path: <mouse@Sparkle.Rodents-Montreal.ORG>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6A3293A6BCB for <asrg@core3.amsl.com>; Thu, 9 Jul 2009 11:21:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.584
X-Spam-Level:
X-Spam-Status: No, score=-9.584 tagged_above=-999 required=5 tests=[AWL=0.404, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8iQEHVT7sOYO for <asrg@core3.amsl.com>; Thu, 9 Jul 2009 11:21:42 -0700 (PDT)
Received: from Sparkle.Rodents-Montreal.ORG (Sparkle.Rodents-Montreal.ORG [216.46.5.7]) by core3.amsl.com (Postfix) with ESMTP id 559773A6B7B for <asrg@irtf.org>; Thu, 9 Jul 2009 11:21:42 -0700 (PDT)
Received: (from mouse@localhost) by Sparkle.Rodents-Montreal.ORG (8.8.8/8.8.8) id OAA26788; Thu, 9 Jul 2009 14:21:52 -0400 (EDT)
From: der Mouse <mouse@Rodents-Montreal.ORG>
Message-Id: <200907091821.OAA26788@Sparkle.Rodents-Montreal.ORG>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Erik-Conspiracy: There is no Conspiracy - and if there were I wouldn't be part of it anyway.
X-Message-Flag: Microsoft: the company who gave us the botnet zombies.
Date: Thu, 9 Jul 2009 13:59:30 -0400 (EDT)
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
In-Reply-To: <20090709173627.GP15652@verdi>
References: <4A426B9D.7090901@mines-paristech.fr> <4A43618A.6000205@tana.it> <4A4F7DD0.4040404@billmail.scconsult.com> <4A51D35E.70306@tana.it> <4A52C36D.6040207@billmail.scconsult.com> <20090708141747.GA2822@gsp.org> <20090708155704.GN15652@verdi> <20090709120305.GC26436@gsp.org> <20090709152717.GO15652@verdi> <200907091604.MAA25275@Sparkle.Rodents-Montreal.ORG> <20090709173627.GP15652@verdi>
Subject: Re: [Asrg] Too Big to Block?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jul 2009 18:21:43 -0000

>> The point is not the zombies attacking the crypto.  The point is
>> zombies (ab)using their machines' legitimate owners' epostage.
> This is a problem why?

Because it means epostage won't help: it'll just mean that abused
machines' owners pay in yet another way.  (If epostage is expensive
enough, it may help a little in that it may slightly reduce the
compromise rate, but I think more likely it will result in pressure
against epostage.)

>>> Making ePostage work is clearly possible in an environment of [...]
>> Quite possibly.  Are such environments common enough to matter?
> I can imagine them... Why couldn't they be common?

I don't know.  But deployed epostage seems to be remarkably rare, so
_something_ is preventing its uptake; either your idea of how common
such environments are is way high or there's something else preventing
deployment despite what appears to be an open-and-shut case in favour.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B