On Thu, 07 Oct 2010 12:10:37 -0000, Sven Olaf Kamphuis said:

> If what you're asking under point c is "what happens if a system that
> contains such a password for your email address gets compromised" the
> answer is simple, you remove that specific password from your approved
> passwords list

140 million or so compromised systems. You may be spending a lot of time removing compromised passwords from your list - and even more problematic, notifying everybody of the *new* password(s) they should use to e-mail to you. So far this month, I've seen 4,964 mails from 1,090 different From: lines (mostly due to a subscription to the linux-kernel list, which is a true fire hose), and some 250 different SMTP MAIL FROM: sources.

> (note that on the receiver side, the password is not linked
> to the source email address, senders can use any source email address they
> want, as long as one of the currently active/accepted passwords is in the
> email)

We'll overlook the fact that if the password isn't linked to the source address, then *any* sender can use any source they want, as long as it's known that *some* sender used '97%-chicken-teriyaki' as a password. And with 140 million compromised boxes, there's a basically never-ending supply of credentials to be stolen and used.

> remaining problems with this system are:
> by lack of a standard header for Password: which should be supported by
> all clients, address books, online shops, mailinglists, we put the
> password in the email, which means, that on Cc:'s and forwards etc
> the password got forwarded along with the email, potentially giving other
> people the password too.

And you recognize that your scheme leaks said passwords, but that's not a fatal problem.

> Now, this is -100%- spam stopping, smtp can be as open relay as you want,
> the internet can be full of compromised windows boxes chunking out tons of
> crap, but you won't get any spam, just mail from people YOU choose to deal
> with, by actively -giving- them a password yourself, which you can also
> -revoke-.

So explain to me in *detail* - you're in the To: line of this mail. I don't believe I've sent to you in the past. I acquire a password valid to send you this e-mail, how, exactly? After all, I can't e-mail you and ask for one...

After that, explain how a Hotmail user migrates to GMail (or vice versa) and retains their ability to contact everybody they used to contact.

You might want to look at this: http://www.rhyolite.com/anti-spam/you-might-be.html and see how many of the entries in the list apply to your proposal. (Nothing personal - I don't think *any* realistic anti-spam proposal can get much traction unless they've at least *thought* about every single bullet point on that list).

Further discussion is probably best on SPAM-L.
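A small model of the scheme argued over above, added here as an illustration and not code from either poster: it implements the receiver-side check exactly as proposed (any active password anywhere in the body, not bound to the sender), shows that a plain forward carries the password to a third party, and shows that revoking one password yields the list of contacts who must be told a replacement. The `Password:` body line, the sample addresses and the sample password are assumed.

```python
"""Model of a 'password in the mail body' allow-list, as described in the thread."""
import re
from dataclasses import dataclass, field

# Assumed header-like line in the body; quoted ('> ') copies in forwards still match.
PASSWORD_RE = re.compile(r"^(?:>\s*)*Password:\s*(\S+)\s*$", re.MULTILINE)


@dataclass
class Recipient:
    active: set = field(default_factory=set)        # currently accepted passwords
    issued_to: dict = field(default_factory=dict)   # password -> contacts who were given it

    def issue(self, password: str, contact: str) -> None:
        """Hand a password to one correspondent (out of band, as the proposal requires)."""
        self.active.add(password)
        self.issued_to.setdefault(password, set()).add(contact)

    def accepts(self, mail_from: str, body: str) -> bool:
        """Receiver-side rule from the proposal: the password is NOT tied to mail_from."""
        match = PASSWORD_RE.search(body)
        return bool(match) and match.group(1) in self.active

    def revoke(self, password: str) -> set:
        """Drop a compromised password; returns every contact who now needs a new one."""
        self.active.discard(password)
        return self.issued_to.pop(password, set())


def forward(body: str) -> str:
    """A naive client forward: quotes the whole body, password line included."""
    return "Fwd:\n\n" + "".join("> " + line + "\n" for line in body.splitlines())


def notifications_needed(recipient: Recipient, compromised: list) -> int:
    """How many correspondents must be contacted if these passwords are all revoked."""
    return len(set().union(*(recipient.revoke(p) for p in compromised)))


if __name__ == "__main__":
    r = Recipient()
    r.issue("97%-chicken-teriyaki", "alice")
    r.issue("97%-chicken-teriyaki", "bob")
    body = "Hi,\nPassword: 97%-chicken-teriyaki\n"
    print(r.accepts("alice@example.org", body))            # True
    print(r.accepts("mallory@example.net", forward(body)))  # True: leaked by the forward
    print(notifications_needed(r, ["97%-chicken-teriyaki"]))  # 2 people to re-contact
```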