RE: [Asrg] Subgroup on reputation and accreditation

[William Leibzon <william at completewhois.com>]

On Wed, 26 May 2004, Joshua Leisk wrote:

> Count me in..
> 
> My method would be:
> 
> For each incoming SMTP connection, with verified sender domain,
> query WHOIS for domain creation date.
As a whois expert here I can tell you that is nearly impossible.
Majority of ccTLD and gTLD registries and registrars have their own formats
(over 150 different formats!) and some dont even indicate creation date. 

Completewhois.com tries to extract domain dates (creation, expiration) 
from different formats and along with nameservers (extracted by custom
dns resolver) provides it as part of the "summary" portion on top of 
actual domain whois data. Currently we handle extraction of registration
date for 35 ccTLDs and gTLDs (i.e. .com/.net/.org/.uk/.au/...) and that 
is more then any other whois data processing system. But doing it in 
automated way is really hard and time consuming to program all different 
filters and to maintain them as any registrar can change their formats at 
any time and they rarely inform userbase.
 
> Domains under suggested 3 months old = REJECT, 550 Telephone Recipient to
> gain authorization to send to this mail server. Please see contacts page on
> website: <blah>.
So with your system instead of spammer registering domain and using it 
within next week, he'd wait 12 weeks. Don't think this would be any harder
for spammer but it would be lot harder for newbies and these are the 
people companies on the next most want to talk to (new customer)

> Domains over <RX MTA's DECISION> 3 months old, check against standard
> DNSRBL.
Unless IETF wants to designated "STANDARD" listing which DNSBLs are to be 
used for mail filtering, I suggest you avoid using this word in this context.

> The nice thing about that too, is it severely impacts email virus
> replication..  <chuckles>
> 
> Joshua Leisk
> http://www.intechcomm.net.au
> 
> -----Original Message-----
> From: asrg-bounces at ietf.org [mailto:asrg-bounces at ietf.org] On Behalf Of John
> Levine
> Sent: Wednesday, 26 May 2004 3:21 PM
> To: asrg at ietf.org
> Subject: [Asrg] Subgroup on reputation and accreditation
> 
> Systems like SPF/Caller ID and DomainKeys tie a message to a domain.
> But it's not very useful to know that a piece of mail is absolutely
> definitely from fooble.com unless you know something about fooble.com.
> 
> The state of the art in reputation systems appears to be Verisign,
> Truste, and Bonded Sender.  Is that really it?  It's my impression
> that there's been academic work in this area, so I'd like first to
> find out who's been thinking about it, see what they've come up with,
> and then see if we can't come up with a model for thinking about and
> maybe even building reputation systems.
> 
> Who's interested?
> 
> Regards,
> John Levine, johnl at taugh.com, Taughannock Networks, Trumansburg NY
> http://www.taugh.com
> 
> _______________________________________________
> Asrg mailing list
> Asrg at ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
> 
> 
> 
> 
> 
> _______________________________________________
> Asrg mailing list
> Asrg at ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
> 


_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg