IETF Logo Mail Archive

Re: [Asrg] seeking comments on new RMX article

Michael Rubel <asrg@mikerubel.org> Tue, 06 May 2003 23:13 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA13648 for <asrg-archive@odin.ietf.org>; Tue, 6 May 2003 19:13:59 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h46NMfR06923 for asrg-archive@odin.ietf.org; Tue, 6 May 2003 19:22:41 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46NMf806920 for <asrg-web-archive@optimus.ietf.org>; Tue, 6 May 2003 19:22:41 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA13644; Tue, 6 May 2003 19:13:29 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19DBeo-0003Lg-00; Tue, 06 May 2003 19:15:34 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19DBen-0003Ld-00; Tue, 06 May 2003 19:15:33 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46NKH806827; Tue, 6 May 2003 19:20:17 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h46NJ6806763 for <asrg@optimus.ietf.org>; Tue, 6 May 2003 19:19:06 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id TAA13574 for <asrg@ietf.org>; Tue, 6 May 2003 19:09:54 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19DBbL-0003Ke-00 for asrg@ietf.org; Tue, 06 May 2003 19:11:59 -0400
Received: from entropy.galcit.caltech.edu ([131.215.119.61]) by ietf-mx with esmtp (Exim 4.12) id 19DBbK-0003Kb-00 for asrg@ietf.org; Tue, 06 May 2003 19:11:58 -0400
Received: from localhost (localhost [127.0.0.1]) by entropy.galcit.caltech.edu (Postfix) with ESMTP id 29AE7A; Tue, 6 May 2003 19:13:29 -0400 (EDT)
From: Michael Rubel <asrg@mikerubel.org>
X-X-Sender: mrubel@entropy.galcit.caltech.edu
To: Barry Shein <bzs@world.std.com>
Cc: Hadmut Danisch <hadmut@danisch.de>, Dave Crocker <dcrocker@brandenburg.com>, asrg@ietf.org
Subject: Re: [Asrg] seeking comments on new RMX article
In-Reply-To: <16056.15503.52585.877770@world.std.com>
Message-ID: <Pine.LNX.4.44.0305061556250.26225-100000@entropy.galcit.caltech.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 06 May 2003 16:13:29 -0700

On Tue, 6 May 2003, Barry Shein wrote:
MR> Ask yourself:  Why are spammers drawn to bighost.com addresses?

BS>      When was the last time you said "stranger@aol.com"? Why
BS>      it must be important, IT'S FROM AOL.COM!

Perhaps... but then why do spammers do it?

BS> The only thing that might carry some trust is someone@xyz.com where
BS> you believe you recognize someone, particularly in the context of
BS> @xyz.com, like yourbrokersname@hisbrokeragehouse.com.

RMX addresses that problem too; spammers will not be able to claim to 
write on behalf of yourbrokersname@hisbrokeragehouse.com.  That's a good 
thing!

MR> If we can prevent spammers from using respected names, then we've 
MR> pushed them toward unknown names (or more precisely, names from which 
MR> the recipient does not normally receive ham) which carry a lower 
MR> default credibility; a message will have to look substantially more 
MR> spam-like to be rejected if it comes legitimately (according to RMX 
MR> records) from bighost.com.

BS> If that's your goal then just add the mailbox and call it 
BS> whitelisting.

Whitelisting only works if you're reasonably sure the sender is who he 
claims to be.  Ergo, RMX.

BS> Anyhow, no, I disagree, it's a tiny, tiny improvement in the spam 
BS> arena.

Fair enough; this is a matter of opinion, and only time will tell.  But
the forgery reduction aspect makes RMX useful enough to stand on its own,
and RMX can only help with spam.

BS> It *might* be some improvement in general identification to prevent
BS> certain types of malicious fraud.

8<...>8

BS> BUT THAT'S NOT SPAM (oops, sorry for shouting.)

Barry, please--my response wasn't (intended to be) a flame, or otherwise 
rude.

Spam is a problem for senders, whose reputations get damaged by spam in
their names, and for recipients.  RMX helps a great deal on the sender
side, and a little bit on the receiver side--though since none of us knows
exactly how much, there seems to be a lot of very loud debate on the
subject.  And RMX definitely helps with fraud.

From your earlier responses, I had gathered that you were largely in favor
of RMX, albeit only for the last reason.  Has that changed?

Mike

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email