[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC

To: Bill Weinman <wew@bearnet.com>
Subject: Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
From: Brad Knowles <brad.knowles@skynet.be>
Date: Fri, 3 Oct 2003 03:27:35 +0200
Cc: Markus Stumpf <maex-lists-spam-ietf-asrg@Space.Net>, ASRG <asrg@ietf.org>
In-reply-to: <5.2.0.9.0.20031002192306.02028ec8@mail.bearnet.com>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <5.2.0.9.0.20031001203900.01f5eac8@mail.bearnet.com><5.2.0.9.0.20030928211427.01d2a630@mail.bearnet.com><5.2.0.9.0.20030928211427.01d2a630@mail.bearnet.com><5.2.0.9.0.20031001203900.01f5eac8@mail.bearnet.com><5.2.0.9.0.20031002192306.02028ec8@mail.bearnet.com>
Sender: asrg-admin@ietf.org

At 8:06 PM -0500 2003/10/02, Bill Weinman wrote:

 Can you document that? I have not seen evidence of DNS spoofing in
 email sufficient to warrant an extra burden on the whole system to
 protect against it. If DNS is the problem, wouldn't DNS be a better
 place to deal with it?

Over 50% of the ccTLD nameservers are open public caching/recursive nameservers and vulnerable to cache pollution/poisoning. Jon Postel accidentally poisoned the caches of many of the nameservers on the net, and damn near took the whole thing down. Eugene Kashpureff did the same thing in 1997, for malicious reasons.

Hell, with companies like VeriSign/NetSOL putting up wildcard records in gTLD zones and UltraDNS handing out bogus glue with the "authoritative answer" set (not to mention their use of just two exclusively anycast nameserver IP addresses), there's lots and lots of danger here.

Most providers do not do edge filtering. Nor do they do bogon filtering. Nor do they do anti-spoof protection. The result is that spammers can boldly infect hundreds of thousands of machines across the 'net, and then use them as a DDoS tool to take out RBL operators with impunity. Even if people have collected the packets, traced the lines, and know precisely who is sitting where doing what, the police and the governments still won't do a damn fscking thing.

If there is a potential security hole that we can perceive today and that we can reasonably address now, we should do so.

If we can help mitigate this by requiring certificates, then I'd say we should require certificates.

--
Brad Knowles, <brad.knowles@skynet.be>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+
!w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
  - From: Bill Weinman

References:
- Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
  - From: Bill Weinman
- [Asrg] 6. Proposals - AMTP (rev 01)
  - From: Bill Weinman
- Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
  - From: Bill Weinman

Prev by Date: Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
Next by Date: Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
Previous by thread: Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
Next by thread: Re: [Asrg] 6. Proposals - AMTP (rev 01) - MPC
Index(es):
- Date
- Thread