[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] where the message originated

To: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Subject: Re: [Asrg] where the message originated
From: Alessandro Vesely <vesely at tana.it>
Date: Mon, 12 Jan 2009 11:58:32 +0100
Delivered-to: ietfarch-asrg-web-archive at core3.amsl.com
Delivered-to: asrg at core3.amsl.com
In-reply-to: <20090111223923.21933.qmail at gal.iecc.com>
List-archive: <http://www.irtf.org/pipermail/asrg>
List-help: <mailto:asrg-request@irtf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-post: <mailto:asrg@irtf.org>
List-subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
List-unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
References: <20090111223923.21933.qmail at gal.iecc.com>
Reply-to: Anti-Spam Research Group - IRTF <asrg at irtf.org>
Sender: asrg-bounces at irtf.org
User-agent: Thunderbird 2.0.0.19 (Windows/20081209)

John Levine wrote:

That's precisely the point.  I am not using my habitual mail
client, nor am I using my own familiar webmail service.  I am
using a mail kiosk-type service which allows me to enter a
subject, my return address, a to address, and the body of my
mail.

It must be noted that being able to write but not to read one's mail_is_ an abnormal situation, subject to severe restrictions. For one,it breaks any address checking scheme.

Assuming DKIM gets traction, I can see that kiosk vendors will sign
 all their mail  with the kiosk's domain which will, with luck, get
 a good enough reputation that receivers will say, oh, that's
KioskCo, their mail is OK.


However, anyone can write "Gordon Peterson <gep2 at terabites.com>" on
that box's return address field. Do we really want that to be signed?

Gordon Peterson wrote:

When you're traveling on a ship, understandably they want to
have you send your mail through the ship's own outgoing mail
server, since that minimizes the time they have to keep the (very
expen$ive) satellite channel open.

Nowadays there are satellite links whose costs are comparable to ADSL.I'd reckon broadly available MSAs is the way to go.

A somewhat similar deceptive saving occasion used to be office MTAs.Since most of the traffic is embodied by office-to-office messages,one reasoned, it is a waste to route it through an external MTA thatrequires a (possibly encrypted) leased connection. That's changed too.


Actually, most of the traffic is spam, and keeping iFrom asrg-bounces at irtf.org  Mon Jan 12 02:58:49 2009
Return-Path: <asrg-bounces at irtf.org>
X-Original-To: asrg-archive at optimus.ietf.org
Delivered-To: ietfarch-asrg-archive at core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id ABA893A6A26;
	Mon, 12 Jan 2009 02:58:49 -0800 (PST)
X-Original-To: asrg at core3.amsl.com
Delivered-To: asrg at core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
	by core3.amsl.com (Postfix) with ESMTP id 4449228C2E6
	for <asrg at core3.amsl.com>; Mon, 12 Jan 2009 02:58:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.756

X-Spam-Level:X-Spam-Status: No, score=-0.756 tagged_above=-999 required=5

	tests=[AWL=-0.037, BAYES_00=-2.599, HELO_EQ_IT=0.635,
	HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([64.170.98.32])
	by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 1bExF0J08xwb for <asrg at core3.amsl.com>;
	Mon, 12 Jan 2009 02:58:48 -0800 (PST)
Received: from wmail.tana.it (mail.tana.it [62.94.243.226])
	by core3.amsl.com (Postfix) with ESMTP id 5D6DB3A6A1F
	for <asrg at irtf.org>; Mon, 12 Jan 2009 02:58:48 -0800 (PST)
Received: from [172.25.197.158] (pcale.tana [172.25.197.158])
	(AUTH: CRAM-MD5 ale at tana.it, TLS: TLS1.0, 256bits, RSA_AES_256_CBC_SHA1)
	by wmail.tana.it with esmtp; Mon, 12 Jan 2009 11:58:32 +0100
	id 00000000005DC03A.00000000496B2258.000036E5
Message-ID: <496B2258.8070206 at tana.it>
Date: Mon, 12 Jan 2009 11:58:32 +0100
From: Alessandro Vesely <vesely at tana.it>
User-Agent: Thunderbird 2.0.0.19 (Windows/20081209)
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg at irtf.org>
References: <20090111223923.21933.qmail at gal.iecc.com>
In-Reply-To: <20090111223923.21933.qmail at gal.iecc.com>
Subject: Re: [Asrg] where the message originated
X-BeenThere: asrg at irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg at irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
	<mailto:asrg-request at irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/pipermail/asrg>
List-Post: <mailto:asrg at irtf.org>
List-Help: <mailto:asrg-request at irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>,
	<mailto:asrg-request at irtf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: asrg-bounces at irtf.org
Errors-To: asrg-bounces at irtf.org

John Levine wrote:

That's precisely the point.  I am not using my habitual mail
client, nor am I using my own familiar webmail service.  I am
using a mail kiosk-type service which allows me to enter a
subject, my return address, a to address, and the body of my
mail.

It must be noted that being able to write but not to read one's mail_is_ an abnormal situation, subject to severe restrictions. For one,it breaks any address checking scheme.

Assuming DKIM gets traction, I can see that kiosk vendors will sign
 all their mail  with the kiosk's domain which will, with luck, get
 a good enough reputation that receivers will say, oh, that's
KioskCo, their mail is OK.


However, anyone can write "Gordon Peterson <gep2 at terabites.com>" on
that box's return address field. Do we really want that to be signed?

Gordon Peterson wrote:

When you're traveling on a ship, understandably they want to
have you send your mail through the ship's own outgoing mail
server, since that minimizes the time they have to keep the (very
expen$ive) satellite channel open.

Nowadays there are satellite links whose costs are comparable to ADSL.I'd reckon broadly available MSAs is the way to go.

Actually, most of the traffic is spam, and keeping ill-condill-conditionedmail transfer habits is not going to reduce it. Using the right MSAfor each return address allows SPF and DKIM (or other signing scheme)to reliably authenticate messages at their respective protocol entrypoints. That way, use of false identities will eventually beeliminated, and zombies with it, for the sake of real savings.


--
"The best way of dealing with change is to help create it."

_______________________________________________
Asrg mailing list
Asrg at irtf.org
http://www.irtf.org/mailman/listinfo/asrg

tionedmail transfer habits is not going to reduce it. Using the right MSAfor each return address allows SPF and DKIM (or other signing scheme)to reliably authenticate messages at their respective protocol entrypoints. That way, use of false identities will eventually beeliminated, and zombies with it, for the sake of real savings.


--
"The best way of dealing with change is to help create it."

_______________________________________________
Asrg mailing list
Asrg at irtf.org
http://www.irtf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] where the message originated
  - From: John Levine

References:
- Re: [Asrg] where the message originated
  - From: John Levine

Prev by Date: Re: [Asrg] where the message originated (was: DKIM role?)
Next by Date: Re: [Asrg] where the message originated (was: DKIM role?) (SM)
Previous by thread: Re: [Asrg] where the message originated
Next by thread: Re: [Asrg] where the message originated
Index(es):
- Date
- Thread