Home page logo
/

nanog logo nanog mailing list archives

Re: Complaint of the week: Ebay abuse mail (slightly OT)
From: Michael.Dillon () radianz com
Date: Tue, 5 Aug 2003 09:56:52 +0100


The web of trusted email servers would use a new and improved mail
transfer protocol (NIMTP) that would only be used to exchange email
between trusted servers. Users could continue to use authenticated SMTP 
to
initiate the sending of email, but nobody would accept any 
unauthenticated
SMTP servers any more.

And this would deploy how?  In particular, consider the following 
questions:

A few of the larger user sites such as AOL and MSN would deploy it between 
themselves. Once it is proven, they would analyse their logs and invite 
the large email sender sites to begin using the protocol. Once it is clear 
that NIMTP can be deployed easily and cheaply, they begin to impose rate 
limiting on email senders using SMTP which will cause queues to build at 
the email sender sites. Eventually running NIMTP will be recognized as the 
right thing to do and everyon will use it.

1) What *immediate* benefits do you get if you are among the first to 
deploy?
(For instance, note that you can't stop accepting "plain old SMTP" till
everybody else deploys).

You can replace complex and buggy spam filtering software with simple 
rules on your NIMTP servers. Since the spammer cannot spoof their 
identity, you simply rate limit them based on the volume of attempts. I.e. 
if a sender attempted to send 10 messages in one hour, you might limit him 
to 2 per hour but if he attempted to send 100 per hour you would limit him 
to 1 per hour. And if he attempted to send 1000 per hour you would limit 
him to 1 every 4 hours.


2) Who bears the implementation cost when a site deploys, and who gets 
the
benefit? (If it costs *me* to deploy, but *you* get the benefit, why do I 
want
to do this?)

The site owners pay all the costs and reap all the benefits. Just like 
today with spam filtering. 

3) What percentage of sites have to deploy before it makes a real 
difference,
and what incremental benefit is there to deploying before that? (For any 
given
scheme that doesn't fly unless 90% or more of sites do it, explain how 
you
bootstrap it).

The incremental benefit is there if NIMTP deployment starts with large 
email sites.

4) Does the protocol still keep providing benefit if everybody deploys 
it?
(This is a common problem with SpamAssassin-like content filters - if 
most
sites filter phrase "xyz", spammers will learn to not use that phrase).

Of course it keeps providing benefits. The two key elements of NIMTP (New 
Improved Mail Transfer Protocol) are that the receiver will only receive 
email messages from a known sender site and the sender site will certify 
the identity of the message sender. In order to know the sender site, 
there needs to be an authentication handshake for a session and it needs 
to be based on some kind of prearranged agreement and key exchange. In 
order to certify the message sender, all messages will need to be relayed 
through an NIMTP relay site and the message sender will need to 
authenticate themself, i.e. using something like AuthSMTP. But AuthSMTP 
will only be used between mail clients and their email service provider. 
NIMTP is intended to be used between email service providers. Some of 
these NIMTP sites will be relaying email for smaller NIMTP sites that 
cannot afford the complexity of prearranging keys with all other NIMTP 
sites.

To summarize, the NIMTP core will have NIMTP peering arrangements with 
every other member of the NIMTP core, but many NIMTP sites will only have 
NIMTP peering with one or two other sites. In order for anyone to send 
email within the NIMTP world they will need to hand the email to any NIMTP 
site who will relay it to its destination. But the NIMTP site will only 
accept email if it can certify the sender's identity.

If you have a *serious* proposal that actually passes all 4 questions (in
other words, it provides immediate benefit to early adopters, and still
works when everybody does it), bring it on over to 'asrg () ietf org'.

I've just joined the ASRG list and if I can find the time I will try to 
write this up as a draft architecture and post it. But feel free to copy 
these emails to ASRG if you feel it would be worth discussing there.

--Michael Dillon




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault