Spam Spotlight on Reputation
hadmut at danisch.de
Mon Sep 6 15:15:33 PDT 2004
On Mon, Sep 06, 2004 at 11:52:03AM -0600, R. A. Hettinga wrote:
> E-mail security company MX Logic Inc. will report this week that 10 percent
> of all spam includes such SPF records,
I have mentioned this problem more than a year ago in context of
my RMX draft (SPF, CallerID and SenderID are based on RMX).
Interestingly, nobody really cared about this major security problem.
All RMX-derivatives block forged messages (more or less). But what
happens if the attacker doesn't forge? That's a hard problem. And a
problem known from the very beginning of the sender verifikation
The last 17 month of work in ASRG (Anti Spam Research
Group, IRTF) and MARID (Mail authorization records in DNS, IETF) are
an excellent example of how to not design security protocols.
This was all about marketing, commercial interests, patent claims,
giving interviews, spreading wrong informations, underminding
development, propaganda. It completely lacked proper protocol design,
a precise specification of the attack to defend against, engineering
of security mechanisms. It was a kind of religious war. And while
people were busy with religious wars, spammers silently realized that
this is not a real threat to spam. Actually, it sometimes was quite
the opposite: I was told of some cases where MTAs were configured to
run every mail through spam assassin. Spam assassin assigns a message
a higher score if the sender had a valid SPF record. Since most
senders with valid recors were the spammers, spam received a higher
score than plain mail, which is obviously the opposite of security.
People spent more time in marketing and public relations than
in problem analysis and verifikation of the solution. That's the
What can we learn from this?
Designing security protocols requires a certain level of
security skills and discipline in what you want to achieve.
Although RMX/SPF/CallerID/SenderID does not make use of cryptography,
similar problems can be sometimes found in context of cryptography.
Knowing security primitives is not enough, you need to know how to
assemble them to a security mechanism. Good lectures are given about
the mathematical aspects of cryptography. But are there lectures about
designing security protocols? I don't know of any yet.
And there is a new kind of attack: Security protocols themselves
can be hijacked and raped by patent claims.
More information about the cypherpunks-legacy