
Re: [Asrg] pre-rfc thought balloon: ESMTP DATAFIRST



Uh-oh.

DATAFIRST seems like a great tool for a DHA (directory harvesting attack): here's an innocent-seeming email, and here's the million possible recipients for it...

How about a compromise, something like a NOACK?  After the DATA, the receiving server replies only that it did/did not receive the message, without any information to the sender whether any given recipient will receive the message.  Probably should add a message type that says "message received, but none of the recipients are valid", so the sender won't send to that domain any more.  Think about multicast IP (IGMP, PIM, DVMRP, etc.) as a model.

- The upside: less traffic, since the message is only sent once (by "responsible" senders).

- The compromise: those senders don't get feedback on whether the addresses are valid.  For mailing list maintainers, there's nothing to allow them to prune their lists.  However, for spammers, there's no feedback for DHA purposes.

- The downside: senders who really really want that address-level feedback will still send individually.

Perhaps this "downside" would still be a good thing, as senders who still choose to send individually will suffer reputation harm.

It's also possible that extensions of this kind could encourage more spam messages to be sent, since receiving MTAs which adopt the extension could increase the recipient limits.  OTOH, receiving MTAs might just quietly discard the messages with the same limits as before.  This would make for an interesting model in game theory.

-Jim

On 6/5/06, David Nicol <davidnicol at gmail.com> wrote:
...If you had a list
of, say, every potential coca-cola drinker at AOL, switching to a DATAFIRST
sequence would allow you to put the ad in first and then chase it with the whole
mailing list...
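As an added illustration (not part of Jim's message or the ASRG thread), a toy Python model of what a sender can infer from a receiving MTA's replies under classic per-RCPT responses versus the NOACK behaviour sketched above; the `ToyMTA` class and the NOACK reply codes are assumptions, since nothing of the kind is standardised.

```python
# Added example, not from the ASRG thread: compares the recipient-validity
# information exposed by classic SMTP replies with the hypothetical NOACK
# behaviour described in the message. Reply texts for NOACK are placeholders.

CLASSIC = "classic"   # 250/550 per RCPT TO, as in ordinary SMTP
NOACK = "noack"       # validity hidden until after DATA, then only aggregated


class ToyMTA:
    """Minimal receiving MTA: tracks recipient validity only, no delivery."""

    def __init__(self, valid_mailboxes, mode):
        self.valid = set(valid_mailboxes)   # constructed directory
        self.mode = mode
        self.pending = []

    def rcpt(self, address):
        """Reply to RCPT TO. In NOACK mode the reply carries no validity info."""
        self.pending.append(address)
        if self.mode == CLASSIC:
            return "250 OK" if address in self.valid else "550 No such user"
        return "250 Accepted for evaluation"   # hypothetical NOACK reply

    def data(self):
        """Reply after DATA. NOACK reports only whether any recipient was valid."""
        any_valid = any(a in self.valid for a in self.pending)
        self.pending = []
        if self.mode == CLASSIC or any_valid:
            return "250 Message received"
        return "550 Message received, no valid recipients"   # hypothetical code


def sender_view(mode, valid_mailboxes, probes):
    """What a sender can infer about the probed addresses from replies alone."""
    mta = ToyMTA(valid_mailboxes, mode)
    rcpt_replies = {a: mta.rcpt(a) for a in probes}
    final = mta.data()
    domain_has_any_valid = final.startswith("250")
    if mode == CLASSIC:
        # each RCPT reply confirms or denies one address
        confirmed = {a for a, r in rcpt_replies.items() if r.startswith("250")}
    elif len(probes) == 1 and domain_has_any_valid:
        # the "downside" from the message: one recipient per message turns the
        # aggregate answer back into a per-address answer
        confirmed = set(probes)
    else:
        confirmed = set()   # only one bit (some/none valid) is exposed
    return {"final": final, "confirmed_valid": confirmed,
            "domain_has_any_valid": domain_has_any_valid}
```

The model makes the trade-off concrete: NOACK shrinks the leak per message to a single bit, but a sender willing to send one message per recipient recovers the same information at the cost of the extra traffic (and, as the message argues, reputation).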
_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg