Re: [Asrg] Supplemental addresses (was: Indirection as a useful tool)

[Joe McIsaac <jmcisaac at reflexion.net>]

I wrote:
> > All mail into and out of the enterprise is configured to pass through the system as a gateway.  On the
> > way out, the system determines, based on a fairly large number of criteria, which supplemental address
> > (es)  (if any) are to be used or whether a new one is to be created.  All references to the original, 
> > "internal" address are replaced in the header, body and certain attachments with the "correct" 
> > supplemental  address before delivery to the recipient.
 
> > On replies and messages sent back, the process is reversed.
 
Brian wrote:
> Isn't this (an over engineered) auto-whitelist?
 
> Brian

Quite the contrary.  I understand that this approach might appear similar to white listing in that managing supplemental addresses requires correlating the identity of outside correspondents to supplemental addresses. However, white listing has the net effect of encouraging dialogue to a single address, which is the opposite of the goal of using supplemental addresses.  From a purely theoretical point of view, the goal of using supplemental addresses is to get people to use as many different addresses as possible, although in reality this does not take place.  In practice, certain addresses are used by multiple correspondents -- creating "communities" of correspondents that are implicitly and explicitly accumulated.  Some users employ only one or a few supplemental addresses because that's how they want to use the technology.  Still others don't want to use them, but still need spam relief, so all of these conditions must be satisfied.

As to the level of engineering, if you set out to build a system that employed supplemental addresses, managed which addresses required a security pass, and kept track of which correspondents used which supplemental addresses, the level of engineering would find itself.

Add a few additional requirements that we observed in implementation:

1) Address management must be transparent to the end user

2) Outside contacts must be insulated from any aggravation during the adoption by new users

3) Users must be able to employ the system with no little or no change in behavior and no training

I agree that the engineering isn't trivial.  However, I am certain that many of the content filtering services have vastly more sophisticated technology than what is required to support supplemental addresses.  The hard part is working out all the subtleties when you actually get a diverse and large group of users while maintaining transparency for users.

The model holds up over time, and serves as a complementary and additive technique to any other email security approach.  It is liberating, as more and more legitimate mail is kept from having to run the rapids of any security scrutiny that might mistakenly block or delay delivery.

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg