ISP signatures on outgoing mail
On Thu, 3 Jul 1997, Anonymous wrote:
They need a standard for which headers to sign, then a dig sig can be included in the headers to check that a message came from where it claims.
this doesn't seem to help solve the problem very much. The way SMTP works right now, spammers can frequently just connect to somebodies SMTP server, drop off a load of e-mail, and let their server handle it. (identical to how the ISPs customers drop off mail) All we get out of this is a way to blame those who sign their mail and get slammed by a spammer. Funny, this wouldn't seem to hurt remailers all that much. You'd basically guarantee that, yes, the mail really did come from the anonymous remailer. :-) ----------------------------------------------------------------------- Ryan Anderson - <Pug Majere> "Who knows, even the horse might sing" Wayne State University - CULMA "May you live in interesting times.." randerso@ece.eng.wayne.edu Ohio = VYI of the USA PGP Fingerprint - 7E 8E C6 54 96 AC D9 57 E4 F8 AE 9C 10 7E 78 C9 -----------------------------------------------------------------------
On Thu, 3 Jul 1997, Ryan Anderson wrote: [...]
this doesn't seem to help solve the problem very much. The way SMTP works right now, spammers can frequently just connect to somebodies SMTP server, drop off a load of e-mail, and let their server handle it.
There is now meany patchers to avoid mail relaying like this. Good ISP's don't let mail to go from an outside site to anoughter outside site.
(identical to how the ISPs customers drop off mail)
No its diffrent ISP's customers move from the inside to the outside. Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. Buy easter bilbies. Save the ABC Is $0.08 per day too much to pay? ex-net.scum and prouud I'm sorry but I just don't consider 'because its yukky' a convinceing argument
On Fri, 4 Jul 1997, ? the Platypus {aka David Formosa} wrote:
There is now meany patchers to avoid mail relaying like this. Good ISP's don't let mail to go from an outside site to anoughter outside site.
(identical to how the ISPs customers drop off mail)
No its diffrent ISP's customers move from the inside to the outside.
Well, with current technology, it's not too difficult to forge DNS entries, and I imagine you could forge enough entires to confuse a reverse DNS lookup. But this is really a different issue and I think the most recent version of Bind fixes some of these problems.. ----------------------------------------------------------------------- Ryan Anderson - <Pug Majere> "Who knows, even the horse might sing" Wayne State University - CULMA "May you live in interesting times.." randerso@ece.eng.wayne.edu Ohio = VYI of the USA PGP Fingerprint - 7E 8E C6 54 96 AC D9 57 E4 F8 AE 9C 10 7E 78 C9 -----------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE----- On Thu, 3 Jul 1997, Ryan Anderson wrote:
On Fri, 4 Jul 1997, ? the Platypus {aka David Formosa} wrote:
There is now meany patchers to avoid mail relaying like this. Good ISP's don't let mail to go from an outside site to anoughter outside site.
(identical to how the ISPs customers drop off mail)
No its diffrent ISP's customers move from the inside to the outside.
Well, with current technology, it's not too difficult to forge DNS entries, and I imagine you could forge enough entires to confuse a reverse DNS lookup. But this is really a different issue and I think the most recent version of Bind fixes some of these problems..
It would be possible to configure sendmail to only deliver a message that has an authorized host in the "MAIL FROM" and "RCPT TO" commands. This could possibly be defeated by forging DNS entries in the ISP's nameserver, but that's more than most spammers would probably want to risk.
----------------------------------------------------------------------- Ryan Anderson - <Pug Majere> "Who knows, even the horse might sing" Wayne State University - CULMA "May you live in interesting times.." randerso@ece.eng.wayne.edu Ohio = VYI of the USA PGP Fingerprint - 7E 8E C6 54 96 AC D9 57 E4 F8 AE 9C 10 7E 78 C9 -----------------------------------------------------------------------
Mark -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBM7ximCzIPc7jvyFpAQG51Qf8CBZziavfiVJzBqBWqzt28qNlnRG+LmFe dWb6Ba2fqAUWmaEuM3ZniyOcZwGQGpZqev7uRFf75jNk0eNwRd2hW8jEh+Eeqkwc fs8g0dvyS0j1Wxa2EJahIhouaNkvrxZE7ZLVWNhIIF05a1IAnOxTCmfkubBi0gdR W23PRQYG2ldePPlx3Ue4yctTTp6kXsmLv7OilcN8mx+Es7uXitGQUlCaFDFekj8k LxtcJ10kzXyZ/5UylcKXnNBWbyD/P9RjKLcH+5HiURPY2FXoWf6XzwSSzLGGPr3a Taq3XTx5brL+KW1pKlvOtlTp9G7xQ6jBPzHjWd26kl8Gq+B0Udo9hQ== =2d7Q -----END PGP SIGNATURE-----
On Thu, 3 Jul 1997, Ryan Anderson wrote:
On Fri, 4 Jul 1997, ? the Platypus {aka David Formosa} wrote:
There is now meany patchers to avoid mail relaying like this. Good ISP's don't let mail to go from an outside site to anoughter outside site.
[...]
Well, with current technology, it's not too difficult to forge DNS entries,
It means that the spammers will have to go to this effort, in addtion forgeing DNS like this has a neggitive infulence on the performence of most of the 'net. I beleave thay wouldn't try this in much the same way spammers rearly forge there way into moderatored newsgroups. Please excuse my spelling as I suffer from agraphia see the url in my header. Never trust a country with more peaple then sheep. Buy easter bilbies. Save the ABC Is $0.08 per day too much to pay? ex-net.scum and prouud I'm sorry but I just don't consider 'because its yucky' a convincing argument
participants (3)
-
? the Platypus {aka David Formosa} -
Mark M. -
Ryan Anderson