Re: Stopping Spam

From: David MacQuigg (dmq)
Date: 02/09/05

  • Next message: David MacQuigg: "Re: Stopping Spam" 
    Date: Wed, 09 Feb 2005 15:45:59 -0700

    On Wed, 09 Feb 2005 12:15:52 GMT, Lassi Hippeläinen
    <lahippel@ieee.orgies.invalid> wrote:
    >David MacQuigg kirjoitti:
    >> On Tue, 08 Feb 2005 13:54:08 GMT, Lassi Hippeläinen
    >> <lahippel@ieee.orgies.invalid> wrote:
    >>>David MacQuigg kirjoitti:

    >>>>I think there may be a misunderstanding here of how SPF fits into an
    >>>>integrated solution. It's an enabler not a solution. It enables the
    >>>>use of lists based on domain names, not IP addresses. Reputable
    >>>>domain names are far fewer and much more stable than IP addresses.
    >>>
    >>>It is an enabler of walled gardens and centralized control. Microsoft
    >>>almost openly volunteered to run the global e-mail service...
    >>
    >> I think a better analogy would be a gated community. We already have
    >> homes with walled gardens ( intranets behind a firewall ). The gated
    >> community adds an outer layer of security and reduces the need to
    >> build higher walls within the community.
    >
    >Some domains change their upstream ISP, others are mobile by default.
    >The Internet is spreading all the time, bringing new users on-line. Who
    >makes sure the whitelist entries are up-to-date?

    The same folks who now provide us with real-time IP-based blacklists.
    The difference is that reputable domain names will be far fewer and
    much more stable than IP addresses. Changing your upstream ISP will
    not change your domain name. Mobile users will send email through
    their home ISPs.

    Reputable domain names will be much harder to acquire than zombie IP
    addresses. The few that fall into the hands of a spammer will be
    unusual circumstances, like a company being bought out and the new
    owners acquiring the domain name, but getting sloppy on security. Or
    maybe a disgruntled employee who has root access to a university's
    name server. Even A-rated domains will be downgraded fairly quickly
    if spam starts pouring from their machines.

    Most companies that operate a DNS server for a reputable domain will
    honor the trust that the internet community has given them. "You have
    in your hands a powerful transmitter. Keep is secure, and don't let
    it fall into the wrong hands."

    >> I don't understand your worry about centralized control. Any
    >> anti-spam company can put together a white-list. If its a good one,
    >> lots of people will use it.
    >
    >Centralized control is only one step away from centralized charging and
    >centralized content filtering (= censorship). And it is not possible to
    >maintain a "good" whitelist. See how "good" are the Intrusion Detector
    >Systems.

    Domain-name authentication allows the most de-centralized system
    possible. The only thing common to all participants is the domain
    name system. Even the white lists have multiple independent
    providers. I'm just not following your argument here.

    -- Dave

  • Next message: David MacQuigg: "Re: Stopping Spam"
    • Quantcast