Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network
"Alan DeKok" <aland@freeradius.org> Tue, 15 July 2003 12:50 UTC
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA16794 for <asrg-archive@odin.ietf.org>; Tue, 15 Jul 2003 08:50:12 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cPFZ-00044C-FE for asrg-archive@odin.ietf.org; Tue, 15 Jul 2003 08:49:46 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h6FCnjUa015633 for asrg-archive@odin.ietf.org; Tue, 15 Jul 2003 08:49:45 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cPFZ-000444-AN for asrg-web-archive@optimus.ietf.org; Tue, 15 Jul 2003 08:49:45 -0400
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA16774; Tue, 15 Jul 2003 08:49:41 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cPEr-0003wk-H5; Tue, 15 Jul 2003 08:49:01 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19cPEX-0003wF-CA for asrg@optimus.ietf.org; Tue, 15 Jul 2003 08:48:41 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id IAA16736 for <asrg@ietf.org>; Tue, 15 Jul 2003 08:48:36 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19cPEV-0001bI-00 for asrg@ietf.org; Tue, 15 Jul 2003 08:48:39 -0400
Received: from giles.striker.ottawa.on.ca ([192.139.46.36] helo=mail.nitros9.org ident=root) by ietf-mx with esmtp (Exim 4.12) id 19cPEL-0001bC-00 for asrg@ietf.org; Tue, 15 Jul 2003 08:48:29 -0400
Received: from [127.0.0.1] (helo=giles.striker.ottawa.on.ca ident=aland) by mail.nitros9.org with esmtp (Exim 3.34 #1) id 19cPD5-0002ua-00 for asrg@ietf.org; Tue, 15 Jul 2003 08:47:12 -0400
From: Alan DeKok <aland@freeradius.org>
To: asrg@ietf.org
Subject: Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network
In-Reply-To: Your message of "Mon, 14 Jul 2003 21:32:04 EDT." <23D3B662-B664-11D7-B331-00039380F1B6@pobox.com>
Message-Id: <E19cPD5-0002ua-00@mail.nitros9.org>
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 15 Jul 2003 08:47:11 -0400
mathew <meta@pobox.com> wrote: > On Friday, July 11, 2003, at 12:46 PM, Alan DeKok wrote: > > ... this incident can be taken as the start of the end for mobile > > users of naked, unauthenticated, unverifiable SMTP. There are other > > methods by which they can send email, and those methods will help > > protect against this kind of spam attack, at least. > > They will? How? By spreading the load of spam detection & filtering. > If the user's copy of Microsoft Outlook is capable of sending e-mail, > then it doesn't matter if you authenticate or verify before allowing > SMTP. Who is the "you" in that sentence? a) owner of the domain/MTA the sender is claiming to be from b) the final recipient If by 'you", you mean "the recipient", then of course authentication doesn't help, because the recipient *can't* authenticate the sender. And why is the recipient responsible for authenticating the identity of all senders? Does no one think that's a stupid idea? If, on the other hand, the roaming sender authenticates to his home domain, and uses his home MTA for email, then the home domain now has the opportunity to be a Good Netizen, and filter out the crap before spewing it onto the net. This won't happen all of the time, but it will happen sometimes. > It doesn't help a bit, any more than it would help to block SMTP. Only if you assume that the recipient is the one doing ALL of the work of spam detection & filtering, and that no one else on the network does anything. Spam filtering on outbound messages is perfectly permissible in many cases, and legally required in many. Do you really think that it's legally acceptable for businesses to allow their employees to send (whatever illegal content) to each other, or to people outside of the company? > As long as the machine can be used to send e-mail, and can easily be > compromised (i.e. is running Windows), it can be used to send spam. Nonsense. It can be used to *try* to send spam, but there's no guarantee that the recipient will be bothered by those attempts, or even know about them. Alan DeKok. _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] 0.General - News Article - NYT Reports Por… Yakov Shafranovich
- Re: [Asrg] 0.General - News Article - NYT Reports… Alan DeKok
- Re: [Asrg] 0.General - News Article - NYT Reports… Raymond S Brand
- Re: [Asrg] 0.General - News Article - NYT Reports… Alan DeKok
- Re: [Asrg] 0.General - News Article - NYT Reports… Raymond S Brand
- Re: [Asrg] 0.General - News Article - NYT Reports… Barry Shein
- Re: [Asrg] 0.General - News Article - NYT Reports… Yakov Shafranovich
- Re: [Asrg] 0.General - News Article - NYT Reports… Barry Shein
- Re: [Asrg] 0.General - News Article - NYT Reports… Jon Kyme
- Re: [Asrg] 0.General - News Article - NYT Reports… Eric Brunner-Williams in Portland Maine
- Re: [Asrg] 0.General - News Article - NYT Reports… Yakov Shafranovich
- Re: [Asrg] 0.General - News Article - NYT Reports… Yakov Shafranovich
- Re: [Asrg] 0.General - News Article - NYT Reports… mathew
- Re: [Asrg] 0.General - News Article - NYT Reports… Alan DeKok
- Re: [Asrg] 0.General - News Article - NYT Reports… mathew
- Re: [Asrg] 0.General - News Article - NYT Reports… Yakov Shafranovich
- Re: [Asrg] 0.General - News Article - NYT Reports… Jon Kyme
- Re: [Asrg] 0.General - News Article - NYT Reports… C. Wegrzyn
- Re: [Asrg] 0.General - News Article - NYT Reports… C. Wegrzyn
- Re: [Asrg] 0.General - News Article - NYT Reports… Alan DeKok
- Re: [Asrg] 0.General - News Article - NYT Reports… Philip Miller
- Re: [Asrg] 0.General - News Article - NYT Reports… Yakov Shafranovich