Earthlink to Test Caller ID for E-Mail

Eugen Leitl eugen at leitl.org
Sat Mar 6 05:21:18 PST 2004 

On Sun, Mar 07, 2004 at 01:26:47AM +1300, Peter Gutmann wrote:
> Eugen Leitl <eugen at leitl.org> writes:
>
> >"A way that works" would involve passphrase-locked keyrings, and forgetful
> >MUAs (this mutt only caches the passphrase for a preset time).
>
> "A way that works *in theory* would involve ...".  The chances of any
vendor

No, that was a definition. I made no statement about how users take to
passphrases, and vendors implementing this unwelcome feature.

Works well for me, though.

> of mass-market software shipping an MUA where the user has to enter a
password
> just to send mail are approximately... zero.

I agree. It doesn't mean signing (whether in MUA or MTA level) is useless.
Only a tiny fraction of all systems is compromised, and if those systems use
signed mail blocking them is actually easier (generating new keys on an 0wn3d
machine introduces extra degrees of complication, and limits the rate of
mail sent). If this is adopted on a large scale, nonsigned mail would
automatically increase the spam scoring function, further speeding adoption.

> >Filtering for signed/vs. unsigned mail doesn't make sense, authenticating
and
> >whitelisting known senders by digital signature makes very good sense.
>
> In that case you can just filter by sender IP address or something
(anything)
> that's simpler than requiring a PKI.  Again though, that's just another

Parsing headers is problematic, and signatures work at user, not at IP level
(there are public mail services which serve millions of users with just a few
IPs). You can as well sign at MTA level, if users are authenticated, and each
of
them has a signature.

> variant of the "Build a big wall" dream.  In order to have perimeter
security

Every exploitable system will be exploited, if a sufficient incentive is
present. You can't get around the fact that we need to modify the
infrastructure. Specifically for spam, facultative strong authentication is a
part of a solution (there is no single solution, because it's a complex,
adaptive problem).

> you first need a perimeter.  If the spammer you're trying to defend against
is
> your own mother (because she clicked on an attachment you sent her, it says
so
> in the From: address, that's actually a spam-bot), you don't have a
perimeter.
> All you have is a big pile of Manchurian candidates waiting to bite you.

When I get virus mail from someone who has my email in my address book, it
would be nice if that mail was signed, so I could contact her, and tell her
she has a problem.

Facultative strong authentication doesn't nuke anonynimity. It does shift it
into darker, seedier corners of communication, though. Which is only natural:
trolls thrive on anonymity, giving it a bad rap. Which is why we need a nym
supporting infrastructure.

-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org         http://nanomachines.net

[demime 1.01d removed an attachment of type application/pgp-signature]

More information about the cypherpunks-legacy mailing list