[103778] in North American Network Operators' Group
Re: the O(N^2) problem
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Mon Apr 14 03:34:30 2008
Date: Mon, 14 Apr 2008 12:39:22 +0530
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
To: "Steven M. Bellovin" <smb@cs.columbia.edu>
Cc: "Edward B. DREGER" <eddy+public+spam@noc.everquick.net>, nanog@merit.edu,
"Owen DeLong" <owen@delong.com>
In-Reply-To: <20080414062005.3b92fc70@cs.columbia.edu>
Errors-To: owner-nanog@merit.edu
On Mon, Apr 14, 2008 at 11:50 AM, Steven M. Bellovin
<smb@cs.columbia.edu> wrote:
> The risk in a reputation system is collusion.
Multiple reputation systems, each with their own reputation .. Sed
quis custodiet ipsos custodes and all that ..
A lot of the "reputation" (aka "positive reputation") shall we say
work is heavily sender / ESP / bulk mailer etc driven. And the
negative reputation stuff (blocklists like spamhaus etc) have been
around rather a long time.
So quite a few ISPs tend to rely on trusted negative reputation
systems (aka they'd use spamhaus) and build positive reputation
(whitelists) on their own, possibly tying this to auth systems such as
dkim.
--srs
--
Suresh Ramasubramanian (ops.lists@gmail.com)
