IETF Logo Mail Archive

Re: [Asrg] Forged Paths...

Florian Weimer <fw@deneb.enyo.de> Sat, 20 September 2003 01:37 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA01405 for <asrg-archive@odin.ietf.org>; Fri, 19 Sep 2003 21:37:19 -0400 (EDT)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.12.8/8.12.8) with ESMTP id h8K1VhCl020140 for <asrg-archive@odin.ietf.org>; Fri, 19 Sep 2003 21:36:56 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h69FI9nA013343 for asrg-archive@odin.ietf.org; Wed, 9 Jul 2003 11:18:09 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19aGho-0003Mp-VR for asrg-web-archive@optimus.ietf.org; Wed, 09 Jul 2003 11:18:04 -0400
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA05309; Wed, 9 Jul 2003 11:17:40 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19aGgo-000346-I0; Wed, 09 Jul 2003 11:17:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19aGfz-0002kE-WA for asrg@optimus.ietf.org; Wed, 09 Jul 2003 11:16:13 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA05239 for <Asrg@ietf.org>; Wed, 9 Jul 2003 11:16:09 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19aGfz-0007Ow-00 for Asrg@ietf.org; Wed, 09 Jul 2003 11:16:11 -0400
Received: from host-212-9-163-21.dial.netic.de ([212.9.163.21] helo=mail.enyo.de) by ietf-mx with esmtp (Exim 4.12) id 19aGfy-0007Oe-00 for Asrg@ietf.org; Wed, 09 Jul 2003 11:16:10 -0400
Received: from [212.9.189.171] (helo=deneb.enyo.de) by mail.enyo.de with esmtp (Exim 4.20) id 19aGfU-0005cQ-EX; Wed, 09 Jul 2003 17:15:40 +0200
Received: from fw by deneb.enyo.de with local (Exim 4.20) id 19aGfT-0000Jj-Q8; Wed, 09 Jul 2003 17:15:39 +0200
To: Art Pollard <pollarda@lextek.com>
Cc: Asrg@ietf.org
Subject: Re: [Asrg] Forged Paths...
References: <5.1.0.14.2.20030708190335.04599008@mail.1s.com>
From: Florian Weimer <fw@deneb.enyo.de>
Mail-Followup-To: Art Pollard <pollarda@lextek.com>, Asrg@ietf.org
In-Reply-To: <5.1.0.14.2.20030708190335.04599008@mail.1s.com> (Art Pollard's message of "Tue, 08 Jul 2003 19:14:49 -0600")
Message-ID: <87vfublois.fsf@deneb.enyo.de>
User-Agent: Gnus/5.1003 (Gnus v5.10.3) Emacs/21.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 09 Jul 2003 17:15:39 +0200

Art Pollard <pollarda@lextek.com> writes:

> One of the big issues when it comes to spam is tracing where the
> message has originated from.  Of course, this is complicated when
> people forge headers to try to obfuscate the origin of the e-mail.
>
> What I propose is this:
>
> During each jump on the path that the e-mail takes to arrive to the
> sender, each interim mail server digitally signs the path.

This is not sufficient for the identification of the real originator.
The the last mail server operator in the chain may or may not know the
actual originator's identity (i.e. correct postal address of a real
person, or name, mother's maiden name and SSN) .

In addition, fear of being identified rarely seems to stop a spammer,
so your proposal is not very usable on its own.  Other approaches
which require originator can use something which is less heavyweight
and tailored to the specific system.

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email