Re: [Asrg] whitelisting links (was Re: misconception in SPF)

Dave Crocker <dhc@dcrocker.net> Mon, 10 December 2012 21:36 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A77421F8654 for <asrg@ietfa.amsl.com>; Mon, 10 Dec 2012 13:36:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.556
X-Spam-Level:
X-Spam-Status: No, score=-6.556 tagged_above=-999 required=5 tests=[AWL=0.043, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0S--MpwgGdvi for <asrg@ietfa.amsl.com>; Mon, 10 Dec 2012 13:36:11 -0800 (PST)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 1854721F84FC for <asrg@irtf.org>; Mon, 10 Dec 2012 13:36:11 -0800 (PST)
Received: from [192.168.1.9] (adsl-67-127-190-125.dsl.pltn13.pacbell.net [67.127.190.125]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id qBALa78c017666 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 10 Dec 2012 13:36:07 -0800
Message-ID: <50C655C7.20105@dcrocker.net>
Date: Mon, 10 Dec 2012 13:36:07 -0800
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20121206212116.10328.qmail@joyce.lan> <50C1A95A.5000001@pscs.co.uk> <50C4A7F8.3010201@dcrocker.net> <CAFdugamTbTirVV2zXKOmc9oTaCS+QiTemhT=jvYJnHYscHQK7g@mail.gmail.com> <0D79787962F6AE4B84B2CC41FC957D0B20ACE6D0@ABN-EXCH1A.green.sophos> <20121209213307.D90C12429B@panix5.panix.com> <CAFduganBR_E-ui-3Xbic6F7qSmg1-Q+ideXLvb+1isLz8OF0Nw@mail.gmail.com> <0D79787962F6AE4B84B2CC41FC957D0B20ACFFE1@ABN-EXCH1A.green.sophos> <50C5A9A0.105@pscs.co.uk> <0D79787962F6AE4B84B2CC41FC957D0B20AD01B2@ABN-EXCH1A.green.sophos> <20121210145627.GA21217@gsp.org> <50C6121D.9040607@dcrocker.net>, <50C617A2.8090602@pscs.co.uk> <0D79787962F6AE4B84B2CC41FC957D0B20AD5E36@ABN-EXCH1A.green.sophos> <50C644F6.3090901@pscs.co.uk> <69AD22AF-9494-44EB-AC86-75ED04E7AE3A@blighty.com>
In-Reply-To: <69AD22AF-9494-44EB-AC86-75ED04E7AE3A@blighty.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Mon, 10 Dec 2012 13:36:08 -0800 (PST)
Cc: Steve Atkins <steve@blighty.com>
Subject: Re: [Asrg] whitelisting links (was Re: misconception in SPF)
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: dcrocker@bbiw.net, Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 21:36:17 -0000

On 12/10/2012 12:41 PM, Steve Atkins wrote:
>
> On Dec 10, 2012, at 12:24 PM, Paul Smith <paul@pscs.co.uk> wrote:
>> Remember, the idea wasn't to have a 'global' list of 'good
>> domains', but ones which the *user* has whitelisted, so the user
>> recognises them.
>
> If it's user managed - rather than managed by a third party that
> actually keeps track of who is a bank and who isn't - I'd guess it'd
>  just lead to meta-phishing, where the goal is to get the user to add
>  a link to their whitelist, rather than having them click on a link.


Fair point.  that's probably why an independent list, such as
Bitdefender seems to use, is probably the right approach.  I could
imagine, however, some possible benefit in keeping track of which
entries in the list a particular user tends to go to.  Such as one or a
few banks versus others.




On 12/10/2012 12:48 PM, Martijn Grooten wrote:
> Again, there are a lot of web filters already out there. Can someone
> explain either why the problem we're trying to solve here is
> different than the one they attempt to solve or, if it isn't, why our
> solution will be better?

I'm not sure it is 'different' but possibly 'in addition'.  I'm 
suggesting integration with the MUA.  And to be clear, I'm not clear 
about the details.  I'm merely offering a very basic idea.  The precise 
details, nevermind determining actual efficacy, would be TBD.

d/

-- 
  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net