Re: Bug#207300: tmda: Challenge-response is fundamentally broken

To: John Hasler <john@dhh.gt.org>
Cc: debian-devel@lists.debian.org, Brian May <bam@debian.org>
Subject: Re: Bug#207300: tmda: Challenge-response is fundamentally broken
From: Osamu Aoki <osamu@debian.org>
Date: Sat, 30 Aug 2003 19:18:28 +0200
Message-id: <[🔎] 20030830171828.GA3684@aokiconsulting.com>
Mail-followup-to: John Hasler <john@dhh.gt.org>, debian-devel@lists.debian.org, Brian May <bam@debian.org>
In-reply-to: <[🔎] 87k78v9uwn.fsf@toncho.dhh.gt.org>
References: <[🔎] 20030827151241.GK28955@flounder.net> <[🔎] 20030827163007.GE29269@dragon.kitenet.net> <[🔎] 20030827184927.GA22393@riva.ucam.org> <[🔎] 20030827203453.GS28955@flounder.net> <[🔎] 20030828113525.GA28835@guildenstern.dyndns.org> <[🔎] 20030828152122.GI6771@flounder.net> <[🔎] 20030829054813.GG31668@taz.net.au> <[🔎] 20030830004217.GE2742@snoopy.apana.org.au> <[🔎] 20030830082232.GN2732@ganymede> <[🔎] 87k78v9uwn.fsf@toncho.dhh.gt.org>

I think challenge response needs extra care.  

Anyway, current e-mail worm/virus incident is pretty bad.

On Sat, Aug 30, 2003 at 07:44:56AM -0500, John Hasler wrote:
> Brian May writes:
> > You saying that any SMTP MTA that sends bounces to unauthenticated
> > E-Mail addresses is also broken?
> 
> Karsten M. Self writes:
> > At the very least, this is a small subset of the incoming mail.
> 
> This is about a quarter of my incoming mail.

I filter e-mail worm/virus mail bounces by reading the attached original
mail header.  Most bounces keep the good amount of original header
information.

## Worm e-mails by the header
:0
* ^X-Mailer: Microsoft
* ^X-MailScanner: Found to be clean
Xworm/

## Worm bounces by the header&body
:0 BH
* ^FROM_MAILER
* ^X-Mailer: Microsoft
* ^X-MailScanner: Found to be clean
Xworm-bounce/

I guess our e-mail server can do the similar checks.

Osamu

Reply to:

References:
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Adam McKenna <adam@flounder.net>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Joey Hess <joeyh@debian.org>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Colin Watson <cjwatson@debian.org>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Adam McKenna <adam@flounder.net>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Adam McKenna <adam@flounder.net>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Craig Sanders <cas@taz.net.au>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: Brian May <bam@debian.org>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: "Karsten M. Self" <kmself@ix.netcom.com>
- Re: Bug#207300: tmda: Challenge-response is fundamentally broken
  - From: John Hasler <john@dhh.gt.org>

Prev by Date: Re: GDM in sid does not read /etc/environment anymore
Next by Date: Re: debian archive disk space requirements.
Previous by thread: Re: Bug#207300: tmda: Challenge-response is fundamentally broken
Next by thread: Re: Bug#207300: tmda: Challenge-response is fundamentally broken
Index(es):
- Date
- Thread