Horses

by Gordon Peterson

> It's been best practice for a decade to use SUBMIT or a tunnel back to
> your own host to send mail.  These days it's just laziness to do
> anything else.  As someone else asked a few minutes ago, are there any
> significant mail systems that still don't provide SUBMIT?

Yes... basically ALL of those which allow you to send e-mails through an e-mail
kiosk-type service, such as you find at airport waiting lounges, cruise ship and
other public-access Internet cafes, (including Internet mail public-access
systems you find at public libraries, Chinese post offices, etc. etc., where you
do not get to use your own computer, and basically are limited to entering your
return e-mail address, the destination e-mail address, the subject, and your
mail message.)

>> E-mail coming from unfamiliar correspondents can be held to a (even much)
>> higher-than-usual standard regarding the ground rules for what is
>> acceptable and what is not.

> Yes, that's why we've been working on mail authentication a la DKIM for

The point being that Aunt Martha's machine can be compromised, such that even
with her own IP, her habitual outgoing mail server, and her valid credentials,
it might still be shipping spam.  It's not enough that it LOOKS like (or even
IS) coming from her... just as it's not enough to see that mail has your
friend's return E-mail address if it's actually Grouply spam.  It's far better
to see whether the incoming e-mail with Martha's return address has all the
typical things that Aunt Martha's mail messages ACTUALLY HAVE (for example, does
it use the 'stationery' that she maybe 'always' uses?)  Again, this is analogous
to what humans actually do when considering a suspect incoming e-mail message...
does it look the way you'd expect mail FROM THAT SENDER to actually look?  What
yellow or red flags is it flying?  This requires looking at the content, too.

--

Gordon Peterson II
http://personal.terabites.com
1977-2007:  Thirty year anniversary of local area networking
_______________________________________________
Asrg mailing list
Asrg@...
http://www.irtf.org/mailman/listinfo/asrg

Re: Horses

by Ian Eiloart

--On 22 June 2009 13:04:29 -0500 Gordon Peterson <gep2@...> wrote:

>
>  > Yes, that's why we've been working on mail authentication a la DKIM for
>
> The point being that Aunt Martha's machine can be compromised, such that
> even with her own IP, her habitual outgoing mail server, and her valid
> credentials, it might still be shipping spam.  It's not enough that it
> LOOKS like (or even IS) coming from her...

If Aunt Martha's spamming me, then I'll know it from the content. I can
then help her fix the problem, provided the authentication tells me that
her credentials have been used. Otherwise, I'll just put it down to
spoofing.

If I don't know Aunt Martha, I'll still want to alert her or her ISP that
she's spamming. I don't care who the owner of the botnet is, it's Aunt
Martha that can fix her machine.

> just as it's not enough to see
> that mail has your friend's return E-mail address if it's actually
> Grouply spam.  It's far better to see whether the incoming e-mail with
> Martha's return address has all the typical things that Aunt Martha's
> mail messages ACTUALLY HAVE (for example, does it use the 'stationery'
> that she maybe 'always' uses?)  Again, this is analogous to what humans
> actually do when considering a suspect incoming e-mail message... does it
> look the way you'd expect mail FROM THAT SENDER to actually look?  What
> yellow or red flags is it flying?  This requires looking at the content,
> too.
>



--
Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see http://www.sussex.ac.uk/its/help/
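
Added example (not part of either post, and not code from the list or its members): a triage sketch that keeps the two signals discussed in this thread separate, first whether the sender's credentials were used, then whether the content looks like that sender's usual mail. The profile traits, the threshold, the verdict names and the sample messages are constructed assumptions; it also assumes the receiving MTA strips Authentication-Results headers it did not add, and it does not check that the DKIM signing domain matches the From domain.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed profile of traits seen in earlier mail from a known sender.
PROFILE = {"martha@example.org": {"mailer": "ExampleMail 2.1", "html": True,
                                  "signoff": "Love, Martha"}}

def dkim_passed(msg):
    # Assumes the receiving MTA removed any Authentication-Results headers
    # it did not add itself, so the remaining ones can be trusted.
    results = msg.get_all("Authentication-Results", [])
    return any("dkim=pass" in r.lower() for r in results)

def mismatches(msg, profile):
    # Count the profile traits that this message does not show.
    parts = [p for p in msg.walk() if not p.is_multipart()]
    text = "\n".join(str(p.get_payload()) for p in parts)
    is_html = any(p.get_content_type() == "text/html" for p in parts)
    return sum([msg.get("X-Mailer", "") != profile["mailer"],
                is_html != profile["html"],
                profile["signoff"] not in text])

def triage(raw, threshold=2):
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if not dkim_passed(msg):
        return "unauthenticated"          # may be spoofed; says nothing about the owner
    if sender not in PROFILE:
        return "authenticated-unknown"    # no history to compare against
    if mismatches(msg, PROFILE[sender]) >= threshold:
        return "authenticated-atypical"   # credentials used, content unlike the sender
    return "authenticated-typical"

HEAD = "From: Aunt Martha <martha@example.org>\n"
PASS = "Authentication-Results: mx.example.net; dkim=pass header.d=example.org\n"
# Constructed sample messages.
USUAL = (HEAD + PASS + "X-Mailer: ExampleMail 2.1\nContent-Type: text/html\n\n"
         "<p>See you Sunday!</p><p>Love, Martha</p>\n")
ODD = HEAD + PASS + "\nLimited offer, click http://example.invalid/offer\n"
SPOOF = HEAD + "\nLimited offer, click http://example.invalid/offer\n"

if __name__ == "__main__":
    for name, raw in (("usual", USUAL), ("odd", ODD), ("spoof", SPOOF)):
        print(name, triage(raw))
```

The "authenticated-atypical" verdict is the case where the owner of the account can be told that her credentials were used; "unauthenticated" gives no such basis.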