14 Apr
2008
14 Apr
'08
3:09 a.m.
On Mon, Apr 14, 2008 at 11:50 AM, Steven M. Bellovin <smb@cs.columbia.edu> wrote:
The risk in a reputation system is collusion.
Multiple reputation systems, each with their own reputation .. Sed quis custodiet ipsos custodes and all that .. A lot of the "reputation" (aka "positive reputation") shall we say work is heavily sender / ESP / bulk mailer etc driven. And the negative reputation stuff (blocklists like spamhaus etc) have been around rather a long time. So quite a few ISPs tend to rely on trusted negative reputation systems (aka they'd use spamhaus) and build positive reputation (whitelists) on their own, possibly tying this to auth systems such as dkim. --srs -- Suresh Ramasubramanian (ops.lists@gmail.com)