Re: [Asrg] RMX and MUAs



On Wed, May 07, 2003 at 10:12:05AM +0200, Hadmut Danisch wrote:
[snip]
> Another problem is that MUAs do display the From: address only.
> This is not a severe problem, since the RMX does not require user
> interaction. RMX works without needing the MUA to display the
> envelope sender address.
> 
> There are two reasons why my draft didn't cover the From: address:
> 
> - The receiving MTA simply doesn't know it before receiving the
>   full message body. RMX was designed to be effective in a very
>   early state of message transmission, i.e. after MAIL FROM
> 
> - The semantic of the From: header line is not very clear, especially
>   in context of forwarding, mailing lists and "message bouncing".
> 
>   Take this particular message you are reading right now (you get it
>   twice, take the version that came from the mailing list processor)
>   It comes from the ASRG mailing list, so it has an envelope sender
>   address from ietf.org. That's what is used to be verified by RMX.
> 
>   But the From: header line says hadmut@danisch.de, because that's
>   the message's content. The sender of the message is ietf.org, and
>   it says the author of the body is hadmut@danisch.de. 
> 
>   It is this subtle difference in semantic that makes it difficult
>   to use the From: header line for authentication. 
> 
>   If you want to have transfer authenticity, you need to use
>   the transfer address (e.g. RMX)
> 
>   If you want to have content related authenticity, you need to 
>   use the body address (e.g. with PGP or S/MIME). This does provide
>   a very high level of security, but it is unrealistic to believe
>   that we could get this deployed world wide.

I understand why RMX is not able to examine RFC 822 headers.  My point
was that RMX does nothing to curtail the sending of messages with
forged 822 From: addresses.  Since this is the only sender address
that most users see, and the address that replies go to (in absence of
a Reply-To: or related header), I disagree with the assertion that
this is not a severe problem.

Even if it is conceded that widespread adoption of RMX will prevent
forged envelope MAIL FROM addresses of participating domains and that
this widespread adoption is feasible, it remains controversial that
RMX will cut down on the volume of spam being received (how will
blacklisting domains be more effective than the current method of
blacklisting ranges of IP addresses?).  What's to keep spammers from
using their own RMX records or an envelope from address belonging to a
domain that hasn't implemented RMX, along with forged 822 From:
addresses, to achieve the same effect that they do currently?  In the
second case (forged envelope address from non-RMX domain), even
assuming correct WHOIS data, how can the true identity of a spammer be
found through RMX?
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
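
Added example (not part of the original message or of the RMX draft): a small Python model of the distinction discussed in this thread, where a check made at MAIL FROM authorizes the envelope domain only and is independent of the From: header the MUA displays. The authorization table, the IP addresses, `bulk-sender.example`, `no-policy.example`, `bank.example` and the `asrg-admin` local part are constructed for illustration; a real check would query DNS.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for the DNS lookup: domain -> networks allowed to send
# mail with that envelope domain (documentation-range addresses only).
RMX_TABLE = {
    "ietf.org": ["192.0.2.0/24"],
    "bulk-sender.example": ["198.51.100.0/24"],
}

def domain_of(addr):
    """Lower-cased domain part of an address or of a From: header value."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def rmx_check(client_ip, mail_from):
    """Decision available right after MAIL FROM: 'pass', 'fail' or 'none'."""
    nets = RMX_TABLE.get(domain_of(mail_from))
    if nets is None:
        return "none"  # envelope domain publishes no authorization data
    ip = ipaddress.ip_address(client_ip)
    return "pass" if any(ip in ipaddress.ip_network(n) for n in nets) else "fail"

def assess(client_ip, mail_from, raw_message):
    """Put the envelope result next to the address the MUA will display."""
    shown = message_from_string(raw_message)["From"]
    return {
        "rmx": rmx_check(client_ip, mail_from),
        "envelope_domain": domain_of(mail_from),
        "displayed_from": parseaddr(shown)[1],
        "aligned": domain_of(mail_from) == domain_of(shown),
    }

# Constructed messages: one relayed by the list, one with an unrelated From:.
LIST_MSG = "From: Hadmut Danisch <hadmut@danisch.de>\nSubject: Re: [Asrg] RMX and MUAs\n\nbody\n"
FORGED_MSG = "From: Support <support@bank.example>\nSubject: notice\n\nbody\n"

CASES = [
    ("list traffic", "192.0.2.25", "asrg-admin@ietf.org", LIST_MSG),
    ("own records, unrelated From:", "198.51.100.7", "x@bulk-sender.example", FORGED_MSG),
    ("envelope domain without records", "203.0.113.9", "x@no-policy.example", FORGED_MSG),
    ("forged participating domain", "203.0.113.9", "x@ietf.org", FORGED_MSG),
]

if __name__ == "__main__":
    for label, ip, sender, msg in CASES:
        print(label, assess(ip, sender, msg))
```

Only the last case is rejected at MAIL FROM. The first two both pass with `aligned` false, so the envelope result alone cannot separate legitimate list traffic from a message whose displayed From: is unrelated to the authorized sender.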