Micorsoft's Sender ID Authentication......?
Matt Ghali
matt at snark.net
Fri Jun 10 00:40:55 UTC 2005
On Thu, 9 Jun 2005, Stephen Sprunk wrote:
If my grandmother has a "reputation" for sending legitimate email,
and she inadvertently installs some spam zombie software, it is
certainly feasible (and probably trivial) for the spammer to steal
all her credentials and thus her "reputation". Spam will get out
for a while, but once her "reputation" significantly degrades, it
will be stopped -- as will any future legitimate email from her.
No. You are (I suspect) deliberately ignoring the Big Picture.
Your grandmother, if she is like most grandmothers, does not have a
box coloed with a static IP from which she runs her own MTA. She
gets a dynamic address assignment from her ISP.
When her computer becomes infected with malware that causes it to
emit abusive traffic, the reputation for that IP (or its containing
netblock) is affected.
The longer her ISP allows the abusive traffic, the lower the
reputation becomes for that address (or its containing netblock).
So you see, the reputation has nothing to do with your mom, and
everything to do with the controlling entity, her ISP. Which makes
the whole address-based sender reputation scheme almost workable, if
you ignore the scaling issues.
This "solution" strikes me as worse than the problem it tries to
address.
I'd never call it a "solution", but it is certainly a useful tool to
use along with others in order to more successfully manage the
problem.
matto
--matt at snark.net------------------------------------------<darwin><
The only thing necessary for the triumph
of evil is for good men to do nothing. - Edmund Burke
More information about the NANOG
mailing list