Re: [Asrg] Re: RMX Records
Adam Back <adam@cypherspace.org> Tue, 04 March 2003 20:00 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA07496 for <asrg-archive@odin.ietf.org>; Tue, 4 Mar 2003 15:00:45 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h24KBLu09591 for asrg-archive@odin.ietf.org; Tue, 4 Mar 2003 15:11:21 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h24KBL509588 for <asrg-web-archive@optimus.ietf.org>; Tue, 4 Mar 2003 15:11:21 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA07486; Tue, 4 Mar 2003 15:00:13 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h24KAC509544; Tue, 4 Mar 2003 15:10:12 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h24K9Y509493 for <asrg@optimus.ietf.org>; Tue, 4 Mar 2003 15:09:34 -0500
Received: from mercury.ex.ac.uk (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA07427 for <asrg@ietf.org>; Tue, 4 Mar 2003 14:58:26 -0500 (EST)
Received: from [144.173.6.20] (helo=cronus.ex.ac.uk) by mercury.ex.ac.uk with esmtp (Exim 4.12) id 18qIaS-00CbFM-00; Tue, 04 Mar 2003 20:00:28 +0000
From: Adam Back <adam@cypherspace.org>
To: Hadmut Danisch <hadmut@danisch.de>
Cc: asrg@ietf.org
Subject: Re: [Asrg] Re: RMX Records
Message-ID: <20030304200027.A4371516@exeter.ac.uk>
References: <20030304000807.A4309027@exeter.ac.uk> <20030304092839.GA1965@danisch.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.2.2i
In-Reply-To: <20030304092839.GA1965@danisch.de>; from hadmut@danisch.de on Tue, Mar 04, 2003 at 10:28:39AM +0100
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 04 Mar 2003 20:00:27 +0000
On Tue, Mar 04, 2003 at 10:28:39AM +0100, Hadmut Danisch wrote: > Adam Back wrote: > > Also I'm not sure as another poster noted how much it even helps: > > disposable ISP free accounts (AOL CD syndrome) are a major source, > > with RMX the problem is not even improved. > > I don't see the problem. If anyone uses such a CD, she is still > limited to the aol domain and can't send e.g. as @hotmail.com or > @danisch.de. The problem is forcing everyone to jump through the hoop of having valid RMX records does not stop spam. It just stops people sending mail from addresses without RMX records delegating that they are allowed to (which incidentally breaks a lot of existing functionality). So already there is commonly some Received header giving the information about who sent the mail. That From headers may be slightly harder to forge under RMX doesn't change the problem. The problem is that spammers systematically abuse ISP AUPs. The ISPs already have AUPs, they already routinely correlate spam attacks to given users and terminate accounts. RMX does _nothing_ about spam other than offer another route to tracing the ISP. It also has the unrelated and tangential effect of making certain types of forgeries harder / breaking some times of existing functionality (where the "forgery" is the functionality -- making the From address your desired Reply-To: all mail I've sent for the last 5 years has been of this form). We know from long experience that laws, and after the fact enforcement of AUPs don't solve the problem. That is the status quo. > Second is, under german - and I believe under european - law > ISPs are required to state their customers identity. I guess > the same will come in the USA after 9/11. It will become > more and more difficult to have anonymous access to the internet. And this is a bad thing for end-users. Your approach to slowing spam is to punish end-users by stripping them of privacy, and the convenience of trial-offer CDs from ISPs. > Third, when a thing like RMX comes to fly, anonymous customers will > have to find a RMX covering the AOL addresses in order to send > spam. There will be very few domains doing so, maybe just > aol.com. If AOL goes on with supporting spam, they will be > blacklisted (which is effective in this case). They will have to > solve the problem. So how will anyonymous users who want anonymity for privacy send mail in this world. Adam _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- Re: [Asrg] Re: RMX Records Derek J. Balling
- [Asrg] Re: RMX Records Daniel Feenberg
- Re: [Asrg] Re: RMX Records Hadmut Danisch
- Re: [Asrg] domain specific DNS blacklists (or whi… wayne
- Re: [Asrg] domain specific DNS blacklists (or whi… Roland
- [Asrg] Re: RMX Records Adam Back
- Re: [Asrg] Re: RMX Records Hadmut Danisch
- Re: [Asrg] Re: RMX Records Roland
- DNS is broken, and by extension so is RMX (Re: [A… Adam Back
- Re: [Asrg] Re: RMX Records Adam Back
- Re: [Asrg] Re: RMX Records Hadmut Danisch
- Re: [Asrg] Re: RMX Records Vernon Schryver
- RE: [Asrg] Re: RMX Records Gary Feldman
- [Asrg] Re: RMX Records Peter A. Friend
- Re: [Asrg] Re: RMX Records Vernon Schryver
- RE: [Asrg] Re: RMX Records Vernon Schryver
- Re: [Asrg] Re: RMX Records Hadmut Danisch
- Re: [Asrg] Re: RMX Records Derek J. Balling
- RE: [Asrg] Re: RMX Records Gary Feldman
- Re: [Asrg] Re: RMX Records Dr. Jeffrey Race
- Re: [Asrg] Re: RMX Records Alan DeKok
- False positives (was Re: [Asrg] Re: RMX Records) David F. Skoll
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Kee Hinckley
- RE: [Asrg] Re: RMX Records Vernon Schryver
- Re: [Asrg] Re: RMX Records Vernon Schryver
- Re: [Asrg] Re: RMX Records Troy Rollo
- Re: [Asrg] Re: RMX Records Derek J. Balling
- Re: [Asrg] Re: RMX Records Vernon Schryver
- Re: [Asrg] Re: RMX Records Troy Rollo
- RE: [Asrg] Re: RMX and DS Records Gordon Fecyk - Home
- Re: [Asrg] Re: RMX Records Hadmut Danisch
- Fwd: Re: [Asrg] Re: RMX Records Dr. Jeffrey Race
- Re: False positives (was Re: [Asrg] Re: RMX Recor… David F. Skoll
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Matt Sergeant
- Re: False positives (was Re: [Asrg] Re: RMX Recor… David F. Skoll
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Matt Sergeant
- Re: [Asrg] Re: RMX Records Chris Lewis
- Re: [Asrg] Good versus bad (was Re: RMX Records ) Alan DeKok
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Alan DeKok
- [Asrg] Re: False Positives Peter A. Friend
- Re: [Asrg] Good versus bad (was Re: RMX Records ) Chris Lewis
- Re: False positives (was Re: [Asrg] Re: RMX Recor… David F. Skoll
- Re: [Asrg] Good versus bad (was Re: RMX Records ) David F. Skoll
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Terry Carmen
- Re: False positives (was Re: [Asrg] Re: RMX Recor… David F. Skoll
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Chris Lewis
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Eric S. Johansson
- Re: [Asrg] Good versus bad (was Re: RMX Records ) Chris Lewis
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Chris Lewis
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Kee Hinckley
- Re: False positives (was Re: [Asrg] Re: RMX Recor… abuse
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Kee Hinckley
- Re: False positives (was Re: [Asrg] Re: RMX Recor… abuse
- Re: False positives (was Re: [Asrg] Re: RMX Recor… abuse
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Eric S. Johansson
- Re: False positives (was Re: [Asrg] Re: RMX Recor… Wilson Roberto Afonso