IETF Logo Mail Archive

Re: [Asrg] draft-irtf-asrg-criteria (was Re: request for review for a non FUSSP proposal)

Ian Eiloart <iane@sussex.ac.uk> Fri, 26 June 2009 10:49 UTC

Return-Path: <iane@sussex.ac.uk>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A2E293A69FF for <asrg@core3.amsl.com>; Fri, 26 Jun 2009 03:49:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.161
X-Spam-Level:
X-Spam-Status: No, score=-2.161 tagged_above=-999 required=5 tests=[AWL=-0.361, BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qF1DZxi4Hf6H for <asrg@core3.amsl.com>; Fri, 26 Jun 2009 03:49:10 -0700 (PDT)
Received: from karpinski.uscs.susx.ac.uk (karpinski.uscs.susx.ac.uk [139.184.14.85]) by core3.amsl.com (Postfix) with ESMTP id C4BC73A6855 for <asrg@irtf.org>; Fri, 26 Jun 2009 03:49:03 -0700 (PDT)
Received: from lewes.staff.uscs.susx.ac.uk ([139.184.134.43]:60647) by karpinski.uscs.susx.ac.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.64) (envelope-from <iane@sussex.ac.uk>) id KLUE04-000KLZ-PG for asrg@irtf.org; Fri, 26 Jun 2009 11:48:05 +0100
Date: Fri, 26 Jun 2009 11:47:15 +0100
From: Ian Eiloart <iane@sussex.ac.uk>
Sender: iane@sussex.ac.uk
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <7B7CEB6C086D94C295E661B1@lewes.staff.uscs.susx.ac.uk>
In-Reply-To: <94CA8D5B-3281-4884-8221-B3330F689EBF@mail-abuse.org>
References: <4A43B696.2000106@cybernothing.org> <94CA8D5B-3281-4884-8221-B3330F689EBF@mail-abuse.org>
Originator-Info: login-token=Mulberry:01UUXPm7qmPQCSsiP9vWvEukIOt73w9bRrxrA=; token_authority=support@its.sussex.ac.uk
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
X-Sussex: true
X-Sussex-transport: remote_smtp
Subject: Re: [Asrg] draft-irtf-asrg-criteria (was Re: request for review for a non FUSSP proposal)
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jun 2009 10:49:11 -0000

--On 25 June 2009 12:40:19 -0700 Douglas Otis <dotis@mail-abuse.org> wrote:

>
> On Jun 25, 2009, at 10:40 AM, J.D. Falk wrote:
>
>> Danny Angus wrote:
>>
>>> I tried some time ago to articulate some tests which any proposal
>>> ought
>>> to at least acknowledge, which you can find here..
>>> http://www.killerbees.co.uk/draft-irtf-asrg-criteria-00.html
>>>
>>> You may find them helpful.
>>
>> Nicely done; I think this could be the start of a very useful
>> document.  Any interest in starting up work on it again?
>>
>> First steps could be:
>> - update terminology to match draft-crocker-email-arch
>> - include some examples taken from other RFCs, both successful and
>> non-
>
> This draft overlooked an important area.  It assumes a viable and
> scaleable means to identify initial senders when confronting massive
> levels of abuse.

Which section assumes that.

> Simply put, without a two tier approach to abuse that
> begins by identifying outbound MTAs, email will not remain viable.  This
> paper overlooks that need.

I think that's a different level, isn't it? That's a proposal to be judged 
by the criteria in this paper. The paper shouldn't make any claims about 
how to prevent spam. It's just trying to outline the problem space.


> - Include a means for efficient and efficacious host name identification
> and domain level authorization of systems granting access for outbound
> public (non-authenticated port 25) SMTP messages.
>
> Even reverse DNS queries often impose a too great of a burden on
> resources due to bot-net related abuse. :^(
>
> Reducing the number of systems that need vetting are best consolidated by
> identifying the outbound MTA explicitly signified as providing this
> service within the forward facing name space.  A means to explicitly
> facilitate this function becomes more necessary with increased inclusion
> of IPv6 and further growth of bot-nets.  Once outbound MTAs provide
> stable and specific identifications within the domain name space, the
> immediate vetting this allows provides a much needed reduction on the
> resource burdens imposed upon SMTP by abuse.   These schemes should also
> not cause undue burden on DNS either.
>
> -Doug
>
> _______________________________________________
> Asrg mailing list
> Asrg@irtf.org
> http://www.irtf.org/mailman/listinfo/asrg



-- 
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/

v2.23.0 | Report a Bug | By Email