[77787] in North American Network Operators' Group
Re: Sender authentication & zombies (was Re: Time to check the rate
daemon@ATHENA.MIT.EDU (Sean Donelan)
Sat Feb 5 23:36:34 2005
Date: Sat, 5 Feb 2005 23:36:08 -0500 (EST)
From: Sean Donelan <sean@donelan.com>
To: nanog@merit.edu
In-Reply-To: <20050206031021.GN25489@arctic.org>
Errors-To: owner-nanog-outgoing@merit.edu
On Sat, 5 Feb 2005, J.D. Falk wrote:
> > DK or IIM makes it clear who is administering the server and this
> > authentication permits reputation assessment. Add an account
> > identifier, and the problem is nailed.
>
> Ah, so you're saying that only the reputation of individual
> e-mail addresses is worth paying attention to? How do you
> expect that to scale to billions of messages per day?
Isn't that called S/MIME and PGP? It hasn't scaled yet. I've received
two S/MIME messages in my life, and a few more PGP messages. A problem
is if the computer has been compromised, its likely the authentication
information stored on the computer has also been compromised or will be
when the user starts typing any missing information. Very few
consumer-grade computers have advanced security devices installed.
As I keep saying, a secure computer rarely DDOSes, spams or sends viruses.
And when they do, its much easier to whack the owner. So how do we keep
computers secure and fix the insecure ones?
