[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Asrg] Re: 6. Proposals - Pull System (revisited)
Chris said...
> At least one benefit of a pull system is that the sender can't be dummied
> even by a trojan. it may take over the the resources but incoming bounces
> "message denied" etc.. will make it abundantly clear to the user that his
> machine has been trojaned.
and Chris responded
A smart trojan of course would handle incoming mail and dispose of the
telltale signs.
And this is an example of how we fight a losing battle....
Not that I say give up. heck no.
but the solution is not ours alone
all areas of the internet must be tightened to minimise the impact of such
attacks.
Most (not all) spammers are laymen, they rely on other peoples software to
do the job for them.
If anyone think spammers will move en masse to trojan systems to continue
their habit I believe they are sadly mistaken.
They spam currently because they can. but if it means becoming technically
savy, and deliberately hacking into other peoples machines. I doubt many
will follow this path.
And how many trojan writers will advertise their wares on a commercial
basis?
Some I am sure. but not enough to return the Internet to the bad old days
err... today!
Regards
Chris
> -----Original Message-----
> From: asrg-admin@ietf.org [mailto:asrg-admin@ietf.org]On Behalf Of Chris
> Sent: Monday, December 01, 2003 10:41 AM
> To: Dag Kihlman; asrg@ietf.org
> Subject: RE: [Asrg] Re: 6. Proposals - Pull System (revisited)
>
>
>
> > If I want to install a pull server I ought to subscribe to a static IP
> > address and pay some fee for having the ports opened. (The market will
> make
> > this fee reasonable)
>
> You would have to enact a law that states fees must be charged.
> That would only be valid in the country where the law is enforced.
>
> no ISP is going to start charging for a service he now provides
> essentially
> free. not if he wants to stay in business.
>
> and where does this fee get applied ?
>
> the ISP. his provider?, backbone providers?
>
> I could see this fee very quickly concentrating into a few hands, and then
> we have a monopolisation occuring.
>
> how would it be charged ?
>
> per port?, per email?
>
>
> > > Pull systems do not change this behaviour. See recent spammer
> > >behaviour of hosting web sites on trojaned machines. They could just
> > >as easily host mail for a "pull" system on the trojaned machine.
> >
>
> Trojaned machines are a major setback to any anti spam e-mail system.
> regardless of type because they run with the parent machines permissions.
>
> I have personally been IP blacklisted because my mail system was
> on the same
> shared machine as a vulnerable formmail script
> (exactly the same effect as a trojan)
>
> This problem is not confined to owners of windows desktop machines. ISP's
> have it as well no matter what they run.
>
> I don't see how any technical sender verification system can
> overcome this.
> please feel free to enlighten me if one comes to mind.
> (most I can think of would rely on forcing the ISP to play our way not
> theirs)
>
> A big legal stick may force ISP's to be more careful about allowing users
> access to formmail etc. or smtp but thats not a technological
> solution, and
> again only applicable where the law is enforced.
>
>
> At least one benefit of a pull system is that the sender can't be dummied
> even by a trojan. it may take over the the resources but incoming bounces
> "message denied" etc.. will make it abundantly clear to the user that his
> machine has been trojaned.
>
> as it stands a trojan can take over a machine quietly send out e-mails,
> return address them to no-one or some other joe and no one is the
> wiser. not
> even the user unless his resource are exhausted by the trojan.
>
>
>
> Regards
> Chris
>
>
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg