[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] 6. Proposals - DNS-Based - LMAP]

To: "'Fridrik Skulason'" <frisk@f-prot.com>, asrg@ietf.org
Subject: RE: [Asrg] 6. Proposals - DNS-Based - LMAP]
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
Date: Thu, 13 Nov 2003 06:55:55 -0800
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-admin@ietf.org

What I could do which might help move us forward is to write a whitepaper
that has a table that lists the various incremental types of authentication
and accreditation that are possible in this space, the advantages and costs
associated with each.



> -----Original Message-----
> From: Fridrik Skulason [mailto:frisk@f-prot.com]
> Sent: Thursday, November 13, 2003 4:58 AM
> To: asrg@ietf.org
> Subject: Re: [Asrg] 6. Proposals - DNS-Based - LMAP]
> 
> 
> > The answer is that it will eliminate the worst types of 
> spam, impersonation
> > spam.
> 
> One point to consider: Anything that will eliminate 
> impersonation spam will
> also have a drastic effect on computer worms.  It might be 
> easier to push
> a solution that will not only help with one problem (spam) but another
> (worms) as well.  It will not eliminate either problem of 
> course, but it
> will help with both.
> 
> The reason this would work against worms is as follows: Many worms use
> the same methods as spamming software to forge the sender's identity,
> making it sometimes look to the recipient as if the sender is someone
> he already knows, this making it more likely he will believe 
> the message
> and open/execute the attachment, activating the worm.
> 
> The "worst" mail-borne worm incident was without any doubt the one
> involving W32/Sobig.F@mm.  That problem got "solved" on its 
> own, because the
> author included code to make the worm turn itself off globally on a 
> specific date.
> 
> What if the next worm author is not equally "considerate"?
> 
> If the worm would not have been able to forge the identity of 
> the sender,
> one can assume that fewer people would have fallen for it and fewer
> machines been infected and the problem would not have been as bad.
> 
> Therefore my suggestion is that anyone arguing for the implementation
> of LMAP should not only point out the benefit with regard to spam, but
> also the beneficial effects regarding worms.  This might for example
> make it easier to convince companies like Microsoft to endorse the
> proposal.
> 
> --
> Fridrik Skulason   Frisk Software International   phone: +354-540-7400
> Author of F-PROT   E-mail: frisk@f-prot.com       fax:   +354-540-7401
> 
> _______________________________________________
> Asrg mailing list
> Asrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
> 

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 6. Proposals - DNS-Based - LMAP]
  - From: Yakov Shafranovich

Prev by Date: Re: [Asrg] 6. Proposals: First draft of the ASRG-RMX Discussion paper
Next by Date: Re: [Asrg] 6. Proposals - DNS-Based - LMAP]
Previous by thread: Re: [Asrg] 6. Proposals - DNS-Based - LMAP]
Next by thread: Re: [Asrg] 6. Proposals - DNS-Based - LMAP]
Index(es):
- Date
- Thread