Re: [Asrg] 6 - Yahoo Domain Keys

John Levine <asrg@johnlevine.com> Wed, 19 May 2004 23:22 UTC

Message-ID: <20040519230041.22249.qmail@xuxa.iecc.com>
From: John Levine <asrg@johnlevine.com>
To: asrg@ietf.org
Subject: Re: [Asrg] 6 - Yahoo Domain Keys
In-Reply-To: <16555.56412.585254.961521@world.std.com>
Organization: I.E.C.C., Trumansburg NY USA
Cc: bzs@world.std.com
Date: Wed, 19 May 2004 23:00:41 -0000

>Also, much spam from hijacked PCs seems to use the hijacked
>PC's host, as in wasteofoxygen@dyn-83-155-31-99.ppp.tiscali.fr
>
>That sort of thing will get around these SPF/YDK approaches, right?

No, a valid DK signature tells you that the message really was signed
by the domain in the From: line.  If there's a zombie'd PC at
tiscali.fr, and it sends mail through Tiscali's mail servers using a
tiscali.fr address, and the servers sign it (which, with half decent
volume checks they wouldn't) it'll pass DK checks.

I agree that knowing that mail really came from woifnsdnskensk.com
isn't very useful without a reputation system, but DK at least
validates the actual mail that you see, not the envelope which you
don't.

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.

-- 
John R. Levine, IECC, POB 727, Trumansburg NY 14886 +1 607 330 5711
johnl@iecc.com, Mayor, http://johnlevine.com, 
Member, Provisional board, Coalition Against Unsolicited Commercial E-mail
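
An added example, not part of the message above or of the DomainKeys specification: a reduced sketch of the check the reply describes, where the verdict depends on the From: header domain and a signature made by that domain's servers, and never on the envelope sender. The toy RSA key, the dict standing in for the DNS key lookup, the example.net names, and signing only From: plus the body are assumptions made for illustration.

```python
import hashlib
from email import message_from_string
from email.utils import parseaddr

# Toy RSA key (constructed, far too small for real use): two Mersenne primes.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the signing server

# Stand-in for the DNS lookup of the domain's public key (assumption).
PUBLIC_KEYS = {("s1", "example.net"): (N, E)}

def _digest(msg):
    # Simplification: hash only From: and the body, not the full header set.
    data = (msg["From"] + "\n" + msg.get_payload()).encode()
    return int.from_bytes(hashlib.sha1(data).digest(), "big")

def sign(raw, selector, domain):
    """What the domain's outbound mail server does before relaying."""
    sig = pow(_digest(message_from_string(raw)), D, N)
    return f"DomainKey-Signature: a=rsa-sha1; s={selector}; d={domain}; b={sig:x}\n" + raw

def dk_check(raw, envelope_from=None):
    """Verdict for one message; envelope_from is accepted but never consulted."""
    msg = message_from_string(raw)
    from_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    header = msg["DomainKey-Signature"]
    if header is None:
        return "none"  # unsigned: nothing vouches for the From: domain
    tags = dict(t.strip().split("=", 1) for t in header.split(";") if "=" in t)
    if tags.get("d", "").lower() != from_domain:
        return "fail: d= does not match From: domain"
    key = PUBLIC_KEYS.get((tags.get("s"), from_domain))
    if key is None:
        return "fail: no key published"
    n, e = key
    ok = pow(int(tags.get("b", "0"), 16), e, n) == _digest(msg)
    return "pass" if ok else "fail: bad signature"

# Constructed samples: one relayed and signed by the domain's servers,
# one sent directly by a machine that only claims the same From: domain.
RELAYED = sign("From: alice@example.net\nSubject: hi\n\nHello\n", "s1", "example.net")
DIRECT = "From: alice@example.net\nSubject: hi\n\nHello\n"

if __name__ == "__main__":
    print(dk_check(RELAYED, envelope_from="bounce@unrelated.example"))
    print(dk_check(DIRECT, envelope_from="alice@example.net"))
    print(dk_check(RELAYED.replace("Hello", "Hullo")))
```

The relayed message passes even with an unrelated envelope sender, while the direct copy gets no credit for a matching envelope address because it carries no signature.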
