Re: Challenge-response mail filters considered harmful
On Sun, 2003-08-03 at 13:37, David Fokkema wrote:
> On Sun, Aug 03, 2003 at 05:13:26AM +0100, Karsten M. Self wrote:
> > As some here are aware, I maintain a rant-o-matic with some standard
> > screeds on frequently iterated issues. The C-R issue is one that's been
> > nagging at me for a while, here's the draft of why C-R is considered
> > harmful. Critique/comment welcomed.
> >
> > You're problably receiving this because I've received a C-R from
> > your mail system. If you've received this, that is....
> >
> > Spam is a growing, heck, exploding problem. No doubt.
> > Challenge-response (C-R) is a flawed tactic, for the following
> > reasons.
> >
> > 0. Weak, and trivially abused, verification basis.
> >
> > The 'FROM:' header of email can be, and routinely is, spoofed.
> > It offers no degree of authentication or evidence of identity.
>
> As filtering is a spam-reduction system, so is C-R. The chance of
> receiving spam from a whitelisted address is, in the experience of tmda
> users, very rare. And even if it happens, it only adds up to low
> statistics.
As it turns out, just *today*, I received spam seemingly from
charter.net (but that may have just been a relay).
However, look what was spoofed:
Return-Path: <matthew@telusplanet.net>
From: Matthew Graybosch <matthew@telusplanet.net>
Subject: Re: Terminal error
Matthew Greybosch is know to me from the Libranet mailing list, and
so is the Subject.
--
+-----------------------------------------------------------------+
| Ron Johnson, Jr. Home: ron.l.johnson@cox.net |
| Jefferson, LA USA |
| |
| "I'm not a vegetarian because I love animals, I'm a vegetarian |
| because I hate vegetables!" |
| unknown |
+-----------------------------------------------------------------+
Reply to: