the O(N^2) problem

Suresh Ramasubramanian ops.lists at gmail.com
Mon Apr 14 07:09:22 UTC 2008


On Mon, Apr 14, 2008 at 11:50 AM, Steven M. Bellovin
<smb at cs.columbia.edu> wrote:
> The risk in a reputation system is collusion.

Multiple reputation systems, each with their own reputation ..  Sed
quis custodiet ipsos custodes and all that ..

A lot of the "reputation" (aka "positive reputation") shall we say
work is heavily sender / ESP / bulk mailer etc driven.  And the
negative reputation stuff (blocklists like spamhaus etc) have been
around rather a long time.

So quite a few ISPs tend to rely on trusted negative reputation
systems (aka they'd use spamhaus) and build positive reputation
(whitelists) on their own, possibly tying this to auth systems such as
dkim.

--srs
-- 
Suresh Ramasubramanian (ops.lists at gmail.com)



More information about the NANOG mailing list