Re: False positives (was Re: [Asrg] Re: RMX Records)

[Keith Moore <moore@cs.utk.edu>]

> 
>   - Connections to servers can be from any IP

that's not a bug, it's a desirable feature

>   - clients can claim to be anyone

that's not a bug, it's a desirable feature

>   - clients can forward data to nearly anyone

that's not a bug, it's a desirable feature

>   - servers can amplify the problem

that's not a bug, it's a desirable feature.  

(but anytime you introduce proxies into a system then you have an inherent
security issue- those proxies can hide and amplify attacks.  this is as true
for IP proxies as for SMTP proxies)

>   Fixing many of these protocol problems will minimize SMTP abuse, and
> minimize the side-effects of that abuse.

and would make email less functional than it was in the 1970s.

>   The main problem I see is the "thundering herd".  

The main problem I see is the lack of any way to make senders accountable for
their actions, and to distinguish responsible senders from irresponsible ones.

Keith
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg