Full Disclosure mailing list archives

Re: [LONG] Improving E-mail security...


From: "lceone () comcast net" <lceone () comcast net>
Date: Tue, 26 Aug 2003 23:05:15 -0400

Bengt Ruusunen wrote:
- E-mail receiving server could check that 'very first original' From: line and if it is the same as the receiver address, i.e. 'someone () someone com'

Perform a check to see if the 'sender identification', i.e. salted public key, GUID or something (X-Authenticated-Guid: #0a845d299ca340087140) exists in mail header.

Sort of like a required, server based, pgp check?

<OPINION>
I think it's just about time that we stop patching over this dinosaur protocol that we call SMTP (RFC 821 from *August 1982*). This protocol was originally designed to send text messages from one machine to another back in the "Good Ol' Days" when the internet was safe because it existed at two schools and a government institution.

Then as the years went on, the protocol became inadequate. e.g. it only allowed for a message to use the 128 ASCII character codes. So instead of re-evaluating and rewriting the protocol, we've patched it. We added MIME, because that made it easier to send each other HTML formatted email and pictures of our cats. We added PGP, but not frequently or in a consistent manner. We added pretty features, but we've neglected any security that should have been added, or problems fixed (feature bloat anyone?).

But you can't do that. You can't build a big house on a small foundation or it will crumble. Today's *constant* problems/viruses/spam/etc. is the crumble showing itself. It will only get worse from here. Seriously, we shouldn't have to think twice about simply viewing an email for fear of self-executing viruses. That should not be an option.

<SEMI-FACTUAL BABBLING>
About spam. This problem, I think, mainly arises from the fact that the spamming server can connect to domain.com, transmit one copy of the spam email, and send it to 100,000 users, from anyone, to anyone, no questions asked. This puts a huge load on the receiving server, and comparably minimal load on the sending server (depending on message size). If the protocol was rewritten to allow only "one for one" sending, maybe this would slow them down? I dunno, just a thought.
Oh! And *maybe* we could make relaying OFF by default!  Wacky ideas.
</SEMI-FACTUAL BABBLING>

So maybe it would be in the best interest of the internet community if someone stopped and took a look at what the requirements for a good communications protocol to replace email would be, and tried to put one together from the ground up. Security, features, and all. Heck, if I can get a group together, I'll take a crack at the darn thing myself. But I don't claim to be any sort of expert on anything (except maybe the semi-factual babbling), so I'd need a good group.
</OPINION>

Just my $0.10

-Larry Engleman

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

