Re: [dmarc-ietf] Fwd: New Version Notification for draft-kucherawy-dkim-delegate-00.txt

[Elizabeth Zwicky]

On 6/12/14, 3:10 AM, "Stephen J. Turnbull" <step...@xemacs.org> wrote:

>John R Levine writes:
>
> > For this application I don't see x= as much protection.  If a bad guy
> > subscribes to the list or gets messages via something like gmane, he
> > can do the mutate and spam in close to real time.
>
>Is this a practical concern, though?  The levels of spam etc that
>drove Yahoo! and AOL to "p=reject" were *huge*, and have persisted
>(according to Elizabeth Zwicky of Yahoo!) for several weeks after
>imposition of "p=reject".  The "retail" spams you describe are still
>going to have to run the obstacle course of content filtering, I would
>suppose, and x= means they have to use substantial resources to
>continually harvest new signatures.  Do-able, of course, but how much
>of a threat?


I did not say that the levels were the same; I said the attackers have
not gone away. They are not at high volume, but they're sure sitting
there checking to see whether or not it's working.

x= is a weak protection here; spammers can and do move millions of
messages a minute to us. Then again we are well placed to implement
special handling here, as are most if not all sites receiving mail
at this kind of scale. So the problem is at small and intermediate
sites.

        Elizabeth


>
>_______________________________________________
>dmarc mailing list
>dmarc@ietf.org
>https://www.ietf.org/mailman/listinfo/dmarc

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc