Re: [Asrg] RMX proposals and Nash Equilibrium

Mike Rubel <asrg@mikerubel.org> Sun, 04 May 2003 21:18 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA06796 for <asrg-archive@odin.ietf.org>; Sun, 4 May 2003 17:18:22 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h44LQ3a00575 for asrg-archive@odin.ietf.org; Sun, 4 May 2003 17:26:03 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h44LQ3800572 for <asrg-web-archive@optimus.ietf.org>; Sun, 4 May 2003 17:26:03 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA06791; Sun, 4 May 2003 17:17:52 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19CQti-0002P3-00; Sun, 04 May 2003 17:19:50 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19CQtD-0002Ow-00; Sun, 04 May 2003 17:19:19 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h44LN8800523; Sun, 4 May 2003 17:23:08 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h44LLX800475 for <asrg@optimus.ietf.org>; Sun, 4 May 2003 17:21:33 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA06756 for <asrg@ietf.org>; Sun, 4 May 2003 17:13:22 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19CQpR-0002OM-00 for asrg@ietf.org; Sun, 04 May 2003 17:15:25 -0400
Received: from cable-modem-221.caltech.edu ([131.215.184.221] helo=tamale.caltech.edu) by ietf-mx with esmtp (Exim 4.12) id 19CQp1-0002OH-00 for asrg@ietf.org; Sun, 04 May 2003 17:14:59 -0400
Received: from localhost (localhost [127.0.0.1]) by tamale.caltech.edu (Postfix) with ESMTP id 9A1FCF830; Sun, 4 May 2003 17:14:41 -0400 (EDT)
From: Mike Rubel <asrg@mikerubel.org>
X-X-Sender: mrubel@tamale.caltech.edu
To: Daniel Feenberg <feenberg@nber.org>
Cc: asrg@ietf.org
Subject: Re: [Asrg] RMX proposals and Nash Equilibrium
In-Reply-To: <Pine.GSO.4.10.10305031750130.15105-100000@nber1.nber.org>
Message-ID: <Pine.LNX.4.44.0305041333140.8096-100000@tamale.caltech.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Sun, 04 May 2003 14:14:41 -0700

On Sat, 3 May 2003, Daniel Feenberg wrote:
> If the proposal starts to gain some traction - say a few large sites start
> to enforce RMX requirements were the MAIL FROM: address matches a site
> supporting RMX records. Very soon spammers would learn not to use hotmail
> return addresses, and what happens then? It won't cost them any more to
> use an non-participating site as the MAIL FROM: address. They might pick
> mine, which would give me a real incentive to register.
> 
> But there are millions of possible names. Spammers could use all of them -
> they already have them, after all. At that point the incentive for sites
> to check incoming mail is greatly reduced.

Dear Daniel,

This is a very interesting analysis.  May I raise an objection though?

Combating spam is not the only incentive for sites to check RMX on
incoming mail.  The other incentive is to avoid being misled.  I would
argue, for example, that it is more important to correctly identify a
forgery claiming to come from (for example) one of a site's software
providers, business partners, or family members than it is to correctly
discern forgeries from other, unrelated sites or people.  This factor
means recipients are more likely to check RMX than a pure spam-rejection
analysis would suggest.

If the equilibrium is high enough, mail coming from a non-RMX site would
have a significantly higher probability of being spam, meaning filters
like spamassassin would give it a lower rejection threshold.  This factor
gives all senders (including those for which the first argument doesn't
apply) a strong incentive to implement RMX.

Overall, I think that the equilibrium RMX penetration would be much higher
than you suspect, but since neither of our analyses are quantitative,
we'll just have to see.  :)

> Compare this to connection IP address based blacklists of open relays.

And yet it does not appear that IP blacklists will resolve the spam
problem either.  There are too many exploitable machines on the `net, and
too many exploits being discovered daily.  I believe there is a consensus
that the only way to fix this problem in the long term is through a
cocktail of attacks--intelligent filters, blacklisting of relays, improved
accountability of SMTP through RMX, and governmental pressure.

Mike

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg