Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: How do you stop outgoing spam?

  • From: Valdis.Kletnieks
  • Date: Tue Sep 10 15:23:49 2002

On Tue, 10 Sep 2002 19:18:59 +0200, Iljitsch van Beijnum said:

> Or we throw out SMTP and adopt a mail protocol that requires the sender to
> provide some credentials that can't be faked. Then known spammers are easy
> to blacklist.

It's nice to say "we make it easy to blacklist spammers".  The problem is
that those systems that *HAVE* made it easy to blacklist spammers are *ALWAYS*
taking heat for making it easy - remember how ORBS was held in little high
regard?  And even the MAPS people have had their share of legal hassles.

We don't even have to throw out SMTP - there's STARTTLS, AUTH, PGP, and
so on.  The problem is that we don't know how to do a PKI that will
scale (note that the current SSL certificate scheme isn't sufficient, as
it usually does a really poor job of handling CRLs - and the *lack* of
ability to distribute a CRL (which is essentially a blacklist) is the crux
of the problem.  There's also the problem of distributing valid credentials
to half a billion people - while still preventing spammers from getting
any.  The DMV hasn't learned how to keep *teenagers* from getting fake ID's,
why should we expect to do any better in keeping a motivated criminal from
getting a fake credential?

It's not as easy as it looks. As Bruce Schneier talked about in "Secrets and
Lies", where he does a hypothetical threat analysis regarding getting dinner
in a restaurant without paying, most of the attacks actually have nothing to
do with the part of the transaction where money changes hands...

				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

Attachment: pgp00009.pgp
Description: PGP signature

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.