Re: [Asrg] Re: RMX Records

Roland <list-asrg@openrbl.org> Tue, 04 March 2003 10:25 UTC

Orig-Date: Tue, 04 Mar 2003 11:26:28 +0100
From: Roland <list-asrg@openrbl.org>
To: ASRG <asrg@ietf.org>
Subject: Re: [Asrg] Re: RMX Records
In-Reply-To: <20030304092839.GA1965@danisch.de>
References: <20030304000807.A4309027@exeter.ac.uk> <20030304092839.GA1965@danisch.de>
Message-ID: <courier.3E647F38.0000EC37@msgid.vqx.net>

--Hadmut Danisch wrote on 04.03.03 10:28 +0100:

>> That doesn't generally work because the mail hub will tend to reject
>> mail so sent because you're coming from a different ISP.  eg. sales
>> person uses aol.com, earthlink.net (or other international ISP) drops
>> off mail at mail.foo.com mail hub, and if the mail hub isn't vulnerable
>> to the open relay problem, it will reject the mail.
> 
> Hmm, I silently presumed that everybody is aware that we don't
> have an open relay. The machine supports several kinds of
> authentication through STARTTLS and SASL. You can drop mail only
> if you authenticated before. 

I think we can safely assume the wide availability of authenticated
ESMTP for everybody within the next years, even if it's just based on
plain old POP-before-SMTP.
It's basically the lack of authenticated ESMTP (and capable clients)
which forced ISPs to limit relaying to their own dialup-range.
Some also want the revenue generated from pay-by-call, but that's
covered in the (limited-)service-agreement.

Any company doing business via the internet should provide a secure
SSL/TLS-capable smarthost for security reasons anyway, and this will
likely be at the MSA-port 587 so port 25 blocks at the ISP will have
no effect.

>> The other problem with RMX is that it relies on DNS which itself has
>> horrendous security vulnerabilities due to inherent limitations in the
>> protocol.  RMX inherits them and so is inherently easy to spoof and
>> bypass.  See for example: http://www.securityfocus.com/guest/17905
>> for a good survey paper on DNS vulnerabilities.
> 
> Agreed, but we won't get rid of DNS here, and in context of 
> mail transfer we need DNS anyway. Fixing the security problems of 
> DNS is the task of another IETF working group. We shouldn't try
> to improve the whole world, but focus on spam.

Bulkers need to spew out millions of mails; they would need to poison
thousands of nameservers, which is simply not feasible.
Such harmful manipulations are already covered by the laws in many
countries, and there are more secure alternatives to BIND available.
 
>> Also I'm not sure as another poster noted how much it even helps:
>> disposable ISP free accounts (AOL CD syndrome) are a major source,
>> with RMX the problem is not even improved.
> 
> I don't see the problem. If anyone uses such a CD, she is still 
> limited to the aol domain and can't send e.g. as @hotmail.com or
> @danisch.de. 

Those freemail-services (I'll include AOL here...) are not any major
source of spam, it's all the open relays and the dedicated spamhauses
which _pretend_ to come from there. That's where RMX comes into play.

And an AOL-dialup simply has not enough bandwidth to be useful via
open proxies where a copy of the spam has to be sent individually
to each targeted server.
Spamming via open relays only required 1% of the bandwidth, but they
are mostly gone or too widely blocked to be useful anymore.

Roland
