Re: [Asrg] RMX proposals and Nash Equilibrium

"Alan DeKok" <aland@freeradius.org> Sun, 04 May 2003 14:25 UTC

From: Alan DeKok <aland@freeradius.org>
To: asrg@ietf.org
Subject: Re: [Asrg] RMX proposals and Nash Equilibrium
In-Reply-To: Your message of "Sat, 03 May 2003 17:51:17 EDT." <Pine.GSO.4.10.10305031750130.15105-100000@nber1.nber.org>
Date: Sun, 04 May 2003 10:35:57 -0400

Daniel Feenberg <feenberg@nber.org> wrote:
> Given that Hotmail participated, would I set my mailer to check MAIL FROM
> RR records? If sendmail supported it as a feature, I probably would. It
> would cut 50% of my incoming spam, with very few type two errors. So in
> the short run I have a substantial positive incentive to do the checking.
> But remember that most mail won't come from checkable addresses. I can't
> start rejecting that mail without justifiable complaints from my users.

  That's not the point.

  The usual idea is that any new anti-spam method allows MTA
administrators to catch & delete spam.  This idea is wrong.

  Anti-spam methods allow MTA administrators to make better decisions
with less work, than their current methods.  If one of the outcomes of
those decisions is to drop mail, then it's a local MTA issue, and
totally unrelated to the anti-spam method.


  An alternative policy approach for sites implementing RMX lookups
would be to rate-limit non-RMX connections to some small amount of
bandwidth.  Mail from non-RMX sites would still get through, but would
be punished relative to RMX aware sites.

> Would I have much incentive to register my server names? To start with,
> very little, as I am not aware of any spammers using my return address,

  You're lucky.  Nothing more.

> But there are millions of possible names. Spammers could use all of them -
> they already have them, after all. At that point the incentive for sites
> to check incoming mail is greatly reduced. If there are any disadvantages
> (and there are some related to roving users and forwarded mail) then a
> dramatic reduction in the advantage might sink the proposal at
> non-participating sites. It won't catch 50% of the mail anymore, but only
> a tiny fraction.

  What you're missing is that email is not evenly distributed across
domains.  So if even 20% of mail to an ISP comes from a few sites
implementing RMX, that 20% will contain little to no spam.

  In addition, RMX still allows nearly zero-cost "grouping" of
messages into categories:  accountable originating MTA's, and
non-accountable ones.  At that point, it becomes feasible to drop
nearly all content filtering for accountable originators, because you
can trust (at some level) that any spam from them will be
non-deniable, and that they will probably deal with the issue.

> Therefore I believe that the eventual equilibrium is that many domains may
> register allowed SMTP sources for their outgoing mail, and some will
> reject incoming mail which does not match one of the registered domains,
> but that essentially no sites will reject mail from non-participating
> domains and spammers will not use registered domains in MAIL FROM:
> addresses. Net improvement:  little or none.

  Nonsense.  Again, you're stuck on the idea that the MTA choices are
to drop the mail, or to accept it blindly.  There are more options.

  Non-RMX sites can be put through a content filter which has a high
false positive rate, but a low false negative one.  Any bounce/error
message from the content filter can say "Because you didn't do
anything which allowed us to trivially verify you, we're doing the
work, and we're doing it in a way to make us happy.  If it means
dumping your messages, well, it sucks to be you."

> Compare this to connection IP address based blacklists of open relays. In
> that case each participating site benefits from refusing mail from open
> relays.

  Again with the accept/refuse...

> As relays are closed the remaining relays share the traffic among a
> smaller group. The increased traffic increases the incentive for the
> remaining relays to close up.

  True, but irrelevant.  Little spam comes from open relays.  A lot
comes from knowingly complicit senders, from "owned" machines, or from
throw-away accounts.

  Alan DeKok.
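
The tiered handling argued for in this message (light filtering for accountable originators, rate-limiting plus strict filtering for everyone else), sketched as an added example that is not part of the original post. The AUTHORIZED table, the byte budget and the action strings are assumptions; the real RMX record syntax and its DNS lookup are not modelled.

```python
import ipaddress

# Constructed stand-in for the sender networks a domain has published.
# Assumption: real RMX data would come from DNS, which is not modelled here.
AUTHORIZED = {
    "example.com": ["192.0.2.0/24"],
    "example.net": ["198.51.100.16/28"],
}

def classify(mail_from_domain, client_ip):
    """Group a connection as 'accountable', 'mismatch' or 'unverifiable'."""
    nets = AUTHORIZED.get(mail_from_domain.lower())
    if nets is None:
        return "unverifiable"          # domain publishes nothing to check
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(n) for n in nets):
        return "accountable"           # sender is tied to a listed MTA
    return "mismatch"                  # domain is listed, this IP is not

class TokenBucket:
    """Shared byte budget for all non-accountable senders (hypothetical)."""
    def __init__(self, rate, burst, now=0.0):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = burst, now

    def allow(self, size, now):
        # Refill for the elapsed time, capped at the burst size.
        self.tokens = min(self.burst,
                          self.tokens + (now - self.last) * self.rate)
        self.last = now
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False

def decide(mail_from_domain, client_ip, size, bucket, now):
    """Return (group, action); what to do per group is local MTA policy."""
    group = classify(mail_from_domain, client_ip)
    if group == "accountable":
        return group, "accept:light-filter"   # skip the expensive filtering
    if not bucket.allow(size, now):
        return group, "tempfail:rate-limited"  # mail is delayed, not dropped
    return group, "accept:strict-filter"       # the receiver does the work
```
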