[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 1. Inventory of Problems - SMTP

To: Alan DeKok <aland@ox.org>
Subject: Re: [Asrg] 1. Inventory of Problems - SMTP
From: Yakov Shafranovich <research@solidmatrix.com>
Date: Thu, 18 Dec 2003 18:09:07 -0500
Cc: asrg@ietf.org
In-reply-to: <3FDF7197.4030301@solidmatrix.com>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Organization: SolidMatrix Technologies, Inc.
References: <200312161921.hBGJLIb02260@newgiles.nitros9.org><3FDF7197.4030301@solidmatrix.com>
Sender: asrg-admin@ietf.org
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5)Gecko/20031007

Yakov Shafranovich wrote:

[Subject changed to be more readable, was "Re: [Asrg] [1] Why SPAM is worse in SMTP than in other protocols". Mod.]

Alan DeKok wrote:
  I've written a *very* rough first draft of a document.  It's
available at:

  http://www.striker.ottawa.on.ca/~aland/smtp-sucks/problems.txt

Some comments:

3. The sender can request that the message be forwarded to (almost)
   anyone else.

  SMTP isn't a "user to user" protocol.  It's a "submitter to MTA"
protocol.  In the case of open proxies, the MTA may be abused to
re-send the mail to anyone on the net.

Isn't SMTP an MTA-to-MTA protocol, with SUBMIT being the "submitter to MTA" protocol?

6. no negative feedback

  TCP has congestion control.  ICMP "port unreachable", etc.

  When SMTP messages are thrown away, they're often done so by the end
user.  The recipient MTA usually doesn't know, and the originating MTA
doesn't know.  So in the absence of negative feedback, spammers
increase their sending rates, in the hope that some messages will get
through.

This also has to do with the fact that the body of the message and the SMTP transaction are separate from each other.

 What to do about it
  -------------------

e.g. Messages from unknown senders should be treated with great
  suspicion.  Any and all available information should be used to
  determine how to process the message.

A good example would be giving a higher value to unknown senders in SpamAssasin.

Yakov

-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"I ate your Web page. / Forgive me. It was juicy / And tart on my tongue." (MIT's 404 Message)
-------

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 1. Inventory of Problems - SMTP
  - From: Dave Crocker

References:
- [Asrg] [1] Why SPAM is worse in SMTP than in other protocols
  - From: Alan DeKok
- [Asrg] 1. Inventory of Problems - SMTP
  - From: Yakov Shafranovich

Prev by Date: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
Next by Date: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
Previous by thread: Re: [Asrg] 1. Inventory of Problems - SMTP
Next by thread: Re: [Asrg] 1. Inventory of Problems - SMTP
Index(es):
- Date
- Thread