nanog mailing list archives
Re: DMARC -> CERT?
From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 14 Apr 2014 16:58:31 -0400
On Mon, Apr 14, 2014 at 10:33:40AM -0700, Matthew Petach wrote:
So, I take it you prefer a world in which there's no sender validation, and receiving floods of spoofed sender email spam is just part of the price of being on the internet?
Sender validation means NOTHING in a world with hundreds of millions of bots and hundreds of millions of email accounts that are either (a) hijacked or (b) created at will by the bot herders. My spamtraps see spam all day every day from all over the world that passes whatever alleged "sender validation" technology is the flavor-of-the-month. Can it work in some isolated edge cases? Sure. Can it work on an Internet scale? No. As I've said many times, email forgery is not the problem. It's a symptom of the problem, and the problem is "rotten underlying security" coupled with "negligent and incompetent operational practice". But fixing that is hard, and nobody -- not Yahoo and not anybody else either -- wants to tackle it. It's much easier to roll out stuff like this and pretend that it works and write a press release and declare success. ---rsk
Current thread:
- Re: DMARC -> CERT?, (continued)
- Re: DMARC -> CERT? Jim Popovitch (Apr 16)
- Re: DMARC -> CERT? Private Sender (Apr 17)
- Re: DMARC -> CERT? Michael Thomas (Apr 17)
- Re: DMARC -> CERT? Valdis . Kletnieks (Apr 17)
- Re: DMARC -> CERT? Michael Thomas (Apr 17)
- Re: DMARC -> CERT? Miles Fidelman (Apr 17)
- Message not available
- Re: DMARC -> CERT? Larry Sheldon (Apr 16)
- Re: DMARC -> CERT? Jim Popovitch (Apr 16)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)
- Re: DMARC -> CERT? John Levine (Apr 14)
- Re: DMARC -> CERT? Rich Kulawiec (Apr 14)
- Re: DMARC -> CERT? Leo Bicknell (Apr 14)
- Re: DMARC -> CERT? Miles Fidelman (Apr 14)