Re: [Asrg] 6 - Yahoo Domain Keys

Barry Shein <bzs@world.std.com> Wed, 19 May 2004 22:45 UTC

From: Barry Shein <bzs@world.std.com>
Message-ID: <16555.56412.585254.961521@world.std.com>
To: Chris <asrg@rebel.com.au>
Cc: Yakov Shafranovich <research@solidmatrix.com>, ASRG <asrg@ietf.org>
Subject: Re: [Asrg] 6 - Yahoo Domain Keys
In-Reply-To: <GPEMJLCHICHEGPOKJHHDCELEHPAA.asrg@rebel.com.au>
References: <40AAB82D.3090004@solidmatrix.com> <GPEMJLCHICHEGPOKJHHDCELEHPAA.asrg@rebel.com.au>
Date: Wed, 19 May 2004 18:14:52 -0400

FWIW, I still think these sorts of approaches might have some utility
with authentication but will have little to no effect on spam so I
wonder why they get so much attention on this list.

As far as I can tell spammers have now become domain registries and
just generate random-appearing, generated domains like www.fxbrezd.com
(or, more often, .info or .somecountryyoudon'twanttoknowmoreabout.)
For example, these whacko domains usually have functioning MX's.

Which means they can just as easily set up SPF or Domain Key or
similar services for those randomly generated domains.

Also, much spam from hijacked PCs seems to use the hijacked
PC's host, as in wasteofoxygen@dyn-83-155-31-99.ppp.tiscali.fr

That sort of thing will get around these SPF/YDK approaches, right?

And of course there's the whole problem of the envelope vs the header
since these generally check the envelope but the user generally sees
the header so can be spoofed anyhow. I realize this generally prompts
a response about how there's some effort, somewhere, to extend all
this into the header which is passed off as an answer but it quickly
starts to sound like "oh we'll invent that too!" back-patching on an
apparently weak idea.

Again, I don't know for a fact that this is completely useless
technology (like proof-of-work which is useless technology), but I
think it's only potentially useful against certain types of scams,
domain forgeries with malicious intent, in a very weak way, and as
such really has little to nothing to do with spam per se except
inasmuch as we can rationalize that ``anything which comes via email
and might harm or annoy me'' is hereby spam.

-- 
        -Barry Shein

Software Tool & Die    | bzs@TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD
The World              | Public Access Internet     | Since 1989     *oo*
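
Added example, not part of the original message: a sketch of the two points raised above, that a check on the envelope sender says nothing about the From: header the user sees, and that a throwaway domain publishing its own policy passes cleanly. The POLICY table, the .example domains and the IP addresses are constructed stand-ins for DNS-published sender records.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for published sender policies (domain -> authorized IPs).
# A real check would query DNS; these domains and addresses are made up.
POLICY = {
    "bank.example": {"192.0.2.10"},
    "fxbrezd.example": {"203.0.113.7"},   # throwaway domain with its own policy
}

def domain_of(address):
    """Return the lower-cased domain part of an e-mail address, or ''."""
    _, addr = parseaddr(address)
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def evaluate(client_ip, mail_from, raw_message):
    """Check the envelope sender against POLICY, then compare it to header From."""
    env_domain = domain_of(mail_from)
    hdr_domain = domain_of(message_from_string(raw_message).get("From", ""))
    allowed = POLICY.get(env_domain)
    if allowed is None:
        envelope = "none"          # domain publishes no policy
    else:
        envelope = "pass" if client_ip in allowed else "fail"
    return {
        "envelope": envelope,
        "aligned": bool(env_domain) and env_domain == hdr_domain,
        "shown_to_user": hdr_domain,
    }

# Constructed sample messages.
SPOOFED = "From: Support <support@bank.example>\nSubject: verify\n\nbody\n"
THROWAWAY = "From: deals@fxbrezd.example\nSubject: offer\n\nbody\n"

def demo():
    return {
        "header_spoof": evaluate("203.0.113.7", "x@fxbrezd.example", SPOOFED),
        "throwaway": evaluate("203.0.113.7", "deals@fxbrezd.example", THROWAWAY),
        "forged_envelope": evaluate("203.0.113.7", "support@bank.example", SPOOFED),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The first case passes the envelope check while displaying a different domain to the user, which only the alignment comparison exposes; the second passes both, so the result establishes identity, not reputation.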
