North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers)
On 02/05/05, Douglas Otis <[email protected]> wrote: > On Sat, 2005-02-05 at 19:10, J.D. Falk wrote: > > On 02/05/05, Douglas Otis <[email protected]> wrote: > > > > > DK or IIM makes it clear who is administering the server and this > > > authentication permits reputation assessment. Add an account > > > identifier, and the problem is nailed. > > > > Ah, so you're saying that only the reputation of individual > > e-mail addresses is worth paying attention to? How do you > > expect that to scale to billions of messages per day? > > Without authenticating an identity, it must not be used in a reputation > assessment. Currently this is commonly done by using the remote IP > address authenticated through the action of transport. In the name > space there are two options, the HELO and a validated signature. DK and > IIM are attempting to allow the signature solution to scale. Heh, you don't need to convince me that DomainKeys is a good idea. I just don't see how you're jumping from the issue of end-user authentication (which is not free from zombies, as others have explained already) to domain-level reputation. Where's the link? If you're talking about adding user-level signatures to something like DomainKeys (which we already have in s/mime), how do you propose to scale that to interact with the reputation determination for billions of messages per day? -- J.D. Falk uncertainty is only a virtue <[email protected]> when you don't know the answer yet
|