nanog mailing list archives
Re: How do you stop outgoing spam?
From: Valdis.Kletnieks () vt edu
Date: Tue, 10 Sep 2002 15:21:55 -0400
On Tue, 10 Sep 2002 19:18:59 +0200, Iljitsch van Beijnum said:
Or we throw out SMTP and adopt a mail protocol that requires the sender to provide some credentials that can't be faked. Then known spammers are easy to blacklist.
It's nice to say "we make it easy to blacklist spammers". The problem is that those systems that *HAVE* made it easy to blacklist spammers are *ALWAYS* taking heat for making it easy - remember how ORBS was held in little high regard? And even the MAPS people have had their share of legal hassles. We don't even have to throw out SMTP - there's STARTTLS, AUTH, PGP, and so on. The problem is that we don't know how to do a PKI that will scale (note that the current SSL certificate scheme isn't sufficient, as it usually does a really poor job of handling CRLs - and the *lack* of ability to distribute a CRL (which is essentially a blacklist) is the crux of the problem. There's also the problem of distributing valid credentials to half a billion people - while still preventing spammers from getting any. The DMV hasn't learned how to keep *teenagers* from getting fake ID's, why should we expect to do any better in keeping a motivated criminal from getting a fake credential? It's not as easy as it looks. As Bruce Schneier talked about in "Secrets and Lies", where he does a hypothetical threat analysis regarding getting dinner in a restaurant without paying, most of the attacks actually have nothing to do with the part of the transaction where money changes hands... -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Attachment:
_bin
Description:
Current thread:
- Re: How do you stop outgoing spam?, (continued)
- Re: How do you stop outgoing spam? Scott Francis (Sep 18)
- Re: How do you stop outgoing spam? Paul Vixie (Sep 09)
- Re: How do you stop outgoing spam? Eliot Lear (Sep 09)
- Re: How do you stop outgoing spam? Rafi Sadowsky (Sep 09)
- Re: How do you stop outgoing spam? Eliot Lear (Sep 09)
- Re: How do you stop outgoing spam? Scott Francis (Sep 17)
- Re: How do you stop outgoing spam? John M. Brown (Sep 09)
- Re: How do you stop outgoing spam? alex (Sep 10)
- Re: How do you stop outgoing spam? Valdis . Kletnieks (Sep 10)
- Re: How do you stop outgoing spam? Iljitsch van Beijnum (Sep 10)
- Re: How do you stop outgoing spam? Valdis . Kletnieks (Sep 10)
- Re: How do you stop outgoing spam? Iljitsch van Beijnum (Sep 10)
- Re: How do you stop outgoing spam? Eliot Lear (Sep 09)
- Re: How do you stop outgoing spam? Vadim Antonov (Sep 10)
- Re: How do you stop outgoing spam? Vadim Antonov (Sep 10)
- Re: How do you stop outgoing spam? Rafi Sadowsky (Sep 10)
- RE: How do you stop outgoing spam? Tony Hain (Sep 10)
- Re: How do you stop outgoing spam? Eliot Lear (Sep 10)
- Re: How do you stop outgoing spam? Brad Knowles (Sep 11)
- RE: How do you stop outgoing spam? Rafi Sadowsky (Sep 10)
- Re: How do you stop outgoing spam? Tim Thorne (Sep 10)
- Re: How do you stop outgoing spam? Petri Helenius (Sep 10)