Re: [Asrg] VPNs vs consent

Claudio Telmon <claudio@telmon.org> Tue, 30 June 2009 21:45 UTC

Return-Path: <claudio@telmon.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 85D6F3A68BD for <asrg@core3.amsl.com>; Tue, 30 Jun 2009 14:45:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.509
X-Spam-Level:
X-Spam-Status: No, score=-0.509 tagged_above=-999 required=5 tests=[AWL=0.210, BAYES_00=-2.599, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4mgzaoSVOeu1 for <asrg@core3.amsl.com>; Tue, 30 Jun 2009 14:45:47 -0700 (PDT)
Received: from slim-2a.inet.it (slim-2a.inet.it [213.92.5.122]) by core3.amsl.com (Postfix) with ESMTP id 1067A3A67AE for <asrg@irtf.org>; Tue, 30 Jun 2009 14:45:46 -0700 (PDT)
Received: from 88-149-250-62.dynamic.ngi.it ([::ffff:88.149.250.62]) by slim-2a.inet.it via I-SMTP-5.6.0-560 id ::ffff:88.149.250.62+PuQWvv25pHN; Tue, 30 Jun 2009 23:46:07 +0200
Message-ID: <4A4A879D.80008@telmon.org>
Date: Tue, 30 Jun 2009 23:46:05 +0200
From: Claudio Telmon <claudio@telmon.org>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.21) Gecko/20090318 Lightning/0.8 Thunderbird/2.0.0.21 Mnenhy/0.7.6.666
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20090623213728.1825.qmail@simone.iecc.com> <4A41D773.50508@telmon.org> <4A41E506.2010106@mines-paristech.fr> <20090624160052.B5DC62428A@panix5.panix.com> <4A426B9D.7090901@mines-paristech.fr> <4A43618A.6000205@tana.it> <4A437393.3060105@mines-paristech.fr> <212.234.174.167.1726486840.1245941890@webmail.inet.it> <4A439639.9090106@mines-paristech.fr>
In-Reply-To: <4A439639.9090106@mines-paristech.fr>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Subject: Re: [Asrg] VPNs vs consent
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2009 21:45:48 -0000

Jose-Marcio Martins da Cruz wrote:

> The other problem I mentioned is multiple addresses
> (jose-marcio.martins_da_cruz, jose-marcio.martins, martins, ...). I
> can't imagine managing preferences for each identity, nor a system
> telling that each address is equivalent to some other one, in a domain
> with, say, 10000 or more users.
> 

I need some more clarification on this, maybe it's just me not knowing
enough about MTAs internals. As the border MTA receives a RCPT TO for
either of these addresses, it should be able to know if it is a valid
address. In my (very limited) experience, this means that each of these
addresses mut be defined as a valid address, the MTA doesn't have rules
to decide that since jose-marcio.martins_da_cruz is a valid address,
jose-marcio.martins must be valid too. So, if each of these addresses is
individually defined in some list/database accessed by the MTA, then
with the same rules, the related token database should be accessed too.
Should an "automatic aliasing" rule exist, then the same rule could
exist for the token database. Also, if "somewhere" an alias is defined
for an address, then the correspondent database could just be a pointer
to the database of the "main" address. This could even implement "chains
of aliases" as "chains of pointers to token databases".
This unless you use forwarding, which is not aliasing and which should
be handled as having different addresses.
Now, from the user perspective, the address book management tool could
just keep a "default" token database, that is valid for each address the
user send messages from. So, each time a correspondent is added, the
appropriate token is pushed on the MTA databases for all the user's
addresses. While this may seem a lot of work and "database space", again
this should be in fact fully automated and need very little space
compared to current mailbox sizes. Should there be a specific address
that needs different tokens for different addresses, this could be
explicitly set when adding the address to the address book. Again, since
it is just the address owner that knows if a correspondent is permitted
to send messages to one address and not to an alias, there is no
solution but to involve some manual handling by the user.

> Unless you're able to build an "usine à gaz" (as we say in France), with
> preferences for each valid address, there isn't a clean solution.

I think this is feasible with an appropriate address book manager.
Anyway, the load is for the MUA, not for the MTA, so the number of users
shouldn't matter.

-- 

Claudio Telmon
claudio@telmon.org
http://www.telmon.org