Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network

"Alan DeKok" <aland@freeradius.org> Tue, 15 July 2003 12:50 UTC

From: Alan DeKok <aland@freeradius.org>
To: asrg@ietf.org
Subject: Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network
In-Reply-To: Your message of "Mon, 14 Jul 2003 21:32:04 EDT." <23D3B662-B664-11D7-B331-00039380F1B6@pobox.com>
Message-Id: <E19cPD5-0002ua-00@mail.nitros9.org>
Date: Tue, 15 Jul 2003 08:47:11 -0400

mathew <meta@pobox.com> wrote:
> On Friday, July 11, 2003, at 12:46 PM, Alan DeKok wrote:
> > ... this incident can be taken as the start of the end for mobile
> > users of naked, unauthenticated, unverifiable SMTP.  There are other
> > methods by which they can send email, and those methods will help
> > protect against this kind of spam attack, at least.
> 
> They will? How?

  By spreading the load of spam detection & filtering.

> If the user's copy of Microsoft Outlook is capable of sending e-mail, 
> then it doesn't matter if you authenticate or verify before allowing 
> SMTP. 

  Who is the "you" in that sentence?

  a) owner of the domain/MTA the sender is claiming to be from
  b) the final recipient

  If by "you", you mean "the recipient", then of course authentication
doesn't help, because the recipient *can't* authenticate the sender.
And why is the recipient responsible for authenticating the identity
of all senders?  Does no one think that's a stupid idea?

  If, on the other hand, the roaming sender authenticates to his home
domain, and uses his home MTA for email, then the home domain now has
the opportunity to be a Good Netizen, and filter out the crap before
spewing it onto the net.  This won't happen all of the time, but it
will happen sometimes.

> It doesn't help a bit, any more than it would help to block SMTP.

  Only if you assume that the recipient is the one doing ALL of the
work of spam detection & filtering, and that no one else on the
network does anything.

  Spam filtering on outbound messages is perfectly permissible in many
cases, and legally required in many.  Do you really think that it's
legally acceptable for businesses to allow their employees to send
(whatever illegal content) to each other, or to people outside of the
company?

> As long as the machine can be used to send e-mail, and can easily be 
> compromised (i.e. is running Windows), it can be used to send spam.

  Nonsense.  It can be used to *try* to send spam, but there's no
guarantee that the recipient will be bothered by those attempts, or
even know about them.

  Alan DeKok.
