On Sat, 2005-02-05 at 19:18 +0000, Jørgen Hovland wrote:
----- Original Message ----- From: "Edward B. Dreger" <eddy+public+spam@noc.everquick.net>
TV> From: Todd Vierling
TV> The only way to be sure is via cryptographic signature. Barring TV> that level
False. You imply that a crypto signature is a perfect guarantee, and that nothing else can provide equal assurance.
To prevent spyware using your signature you can for example use some sort of local signature engine and a fingerprint reader. It isn't possible to steal the private key because only the engine can decode it. Emails can only be signed with that signature by the engine, and the engine needs your fingerprint first. But who really wants to stick your thumb in the reader for every email you send?
If each provider signed their messages AND included account identifiers (as used by their access servers), then the providers themselves or some third-party would have little trouble blackhole listing problematic systems. There would be NO danger that something in the customers system could be stolen. A blackhole A record of 127.0.0.1 by the provider at the following: <internal-identifier>._rl.<domain>.<tld> Or if by a third-party, it could be <internal-identifier>._rl.<domain>.<tld>.<third-party>.<tld> This mechanism would also prevent a replay attack on signatures as well as allow extraction of these problem accounts caused by compromised systems. These people would quickly learn they have a problem, if they use the mail services of the provider. If they do not, they should be blocked by the provider outright. To prevent bounce traffic unilaterally, BATV would be a better solution. SPF et al does not allow safe reputation assertions. A reputation assertion is the ONLY way this type of abuse can be prevented. Binding MAILFROM or the FROM with some IP address will not stop spam. Within two minutes, spammers will have adapted, and yet a tremendous expense and disruption will have taken place for little benefit. -Doug