North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Sender authentication & zombies (was Re: Time to check the ratelimits on your mail servers)

  • From: Sean Donelan
  • Date: Sat Feb 05 23:37:14 2005

On Sat, 5 Feb 2005, J.D. Falk wrote:
> > DK or IIM makes it clear who is administering the server and this
> > authentication permits reputation assessment.  Add an account
> > identifier, and the problem is nailed.
> 	Ah, so you're saying that only the reputation of individual
> 	e-mail addresses is worth paying attention to?  How do you
> 	expect that to scale to billions of messages per day?

Isn't that called S/MIME and PGP?  It hasn't scaled yet.  I've received
two S/MIME messages in my life, and a few more PGP messages.  A problem
is if the computer has been compromised, its likely the authentication
information stored on the computer has also been compromised or will be
when the user starts typing any missing information.  Very few
consumer-grade computers have advanced security devices installed.

As I keep saying, a secure computer rarely DDOSes, spams or sends viruses.
And when they do, its much easier to whack the owner.  So how do we keep
computers secure and fix the insecure ones?