North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Micorsoft's Sender ID Authentication......?
On Thu, 9 Jun 2005, Stephen Sprunk wrote: If my grandmother has a "reputation" for sending legitimate email, and she inadvertently installs some spam zombie software, it is certainly feasible (and probably trivial) for the spammer to steal all her credentials and thus her "reputation". Spam will get out for a while, but once her "reputation" significantly degrades, it will be stopped -- as will any future legitimate email from her. No. You are (I suspect) deliberately ignoring the Big Picture. Your grandmother, if she is like most grandmothers, does not have a box coloed with a static IP from which she runs her own MTA. She gets a dynamic address assignment from her ISP. When her computer becomes infected with malware that causes it to emit abusive traffic, the reputation for that IP (or its containing netblock) is affected. The longer her ISP allows the abusive traffic, the lower the reputation becomes for that address (or its containing netblock). So you see, the reputation has nothing to do with your mom, and everything to do with the controlling entity, her ISP. Which makes the whole address-based sender reputation scheme almost workable, if you ignore the scaling issues. This "solution" strikes me as worse than the problem it tries to address. I'd never call it a "solution", but it is certainly a useful tool to use along with others in order to more successfully manage the problem. matto [email protected]<darwin>< The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke