I totally agree with Craig even i dont know what is being talked here too much, people can send fake emails to update someone's status. Only solution that came up to my mind (instead of those 3 technologies mentioned) is the user can add something special to him (lets call it a key) which will prove that the email is sent from him, and that key will of course wont be published, only to understand if it is a fake email or not.
2009/6/30 Craig Andrews <[email protected]> > I'm also somewhat concerned (call me a security nut if you must :-) ) that > someone will maliciously forge email from my address (spam does this all > the time - it's insanely easy to do) and send it to the laconica updater > address (they would have to find out my post-to email address, but I bet > it's not that hard). If the server checks SPF and DKIM, then for some > people who use servers that send email using DKIM and/or support SPF, > these malicious messages would be silently dropped. > > So SPF/DKIM seems like a win/win: drop bad email so you don't have to > process it, and ensure that "valid" email really is valid, eliminating > another attack vector. > > As long as the server conforms to the specs, there is no compatibility > problem with SPF or DKIM. As you said, the big players (Yahoo! Mail, > Hotmail, and GMail) have been using these 3 technologies for at least a > couple of years for incoming and outgoing mail. > > ~Craig > > > Anything that saves hits to maildaemon.php is a win, but spam won't > > hit it if you drop unknown recipient mail at smtp time. > > > > Basically, never accept all mail for a domain. > > > > Also, lots of spam is DK signed, so you still need SA at smtp time, > > whether you do expensive DK lookups or not. > > > > Concerted spamming on a laconica server that is open to wildcarding is > > going to bring it down. > > > > With 550 response to unknown users, it's dealt with quickly and cheaply. > > > > In my experience, DK for outgoing is good for delivery to > > hotmail/yahoo/gmail but the gateways seem to be pretty lenient at the > > moment. Anyone had delivery trouble? > > > > Stef > > > > On Mon, Jun 29, 2009 at 9:56 PM, Craig Andrews<[email protected] > > > > wrote: > >> Another improvement would be to implement DKIM and SPF checking in the > >> MTA > >> (postfix usually) that runs the domain. This instantly drops off a > >> decent > >> amount of spam, and would save hits to maildaemon.php. > >> > >> To be fully effective, the domain should use DKIM for outgoing mail, and > >> have SPF configured. > >> > >> http://laconi.ca/trac/ticket/488 > >> http://laconi.ca/trac/ticket/487 > >> http://laconi.ca/trac/ticket/490 > >> http://laconi.ca/trac/ticket/489 > >> > >> ~Craig > >> > >>> Hi all, just posted this to trac, but thought I would send to the > >>> list, apologies if it has already been addressed or implemented. > >>> > >>> I did see > >>> http://mail.laconi.ca/pipermail/laconica-dev/2009-March/001046.html > >>> but it seems to me that relying on the checks in maildaemon.php, > >>> rather than dropping invalid recipient mail on the floor first, is > >>> unnecessarily expensive. I understand that the idea is simply to > >>> validate posts, but from a system usage and architecture viewpoint, > >>> this should get done only after the MTA handles the email correctly. > >>> > >>> Accepting all email for a domain has to be seen as something that will > >>> affect availability, performance and security. Wildcarding all mail > >>> for a domain and running it through a script will create performance > >>> and availability issues, and will expose the system to attack. I think > >>> the maildaemon.php script works well, but every mail sent to a > >>> laconica server hits it with the commonly found *|maildaemon.php > >>> /etc/aliases setup. > >>> > >>> MTAs like postfix have very robust solutions to this if allowed to > >>> work the way they are supposed to, by checking if we want to accept > >>> mail for a recipient address, i.e. the made up email address. > >>> > >>> Even with an average amount of spam, let alone an attack, performance > >>> has to be affected. > >>> > >>> I have a draft howto http://pbj.ca/postfix.html that properly rejects > >>> invalid mails before they hit maildaemon.php, using postfix. > >>> > >>> Example output from mail on my laconica instance: > >>> > >>> $ telnet localhost 25 > >>> Trying 127.0.0.1... > >>> Connected to localhost.shellfusion.net. > >>> Escape character is '^]'. > >>> 220 aurora.nearsourceit.com ESMTP Postfix > >>> helo localhost > >>> 250 aurora.nearsourceit.com > >>> mail from: [email protected] > >>> 250 2.1.0 Ok > >>> rcpt to: [email protected] > >>> 250 2.1.5 Ok > >>> data > >>> 354 End data with <CR><LF>.<CR><LF> > >>> telnet post ;) > >>> . > >>> 250 2.0.0 Ok: queued as 2420613C41A > >>> quit > >>> 221 2.0.0 Bye > >>> Connection closed by foreign host. > >>> $ telnet localhost 25 > >>> Trying 127.0.0.1... > >>> Connected to localhost.shellfusion.net. > >>> Escape character is '^]'. > >>> 220 aurora.nearsourceit.com ESMTP Postfix > >>> mail from: [email protected] > >>> 250 2.1.0 Ok > >>> rcpt to: [email protected] > >>> 550 5.1.1 <[email protected]>: Recipient address rejected: User > >>> unknown in virtual mailbox table > >>> > >>> I advise everyone to implement proper recipient checking using the > >>> incomingemail data in their database with an MTA; maildaemon.php is > >>> not a substitute for recipient checking. > >>> > >>> Regards, > >>> > >>> Stef > >>> > >>> Stefan Caunter > >>> _______________________________________________ > >>> Laconica-dev mailing list > >>> [email protected] > >>> http://mail.laconi.ca/mailman/listinfo/laconica-dev > >>> > >> > >> > >> > > > > > _______________________________________________ > Laconica-dev mailing list > [email protected] > http://mail.laconi.ca/mailman/listinfo/laconica-dev >
_______________________________________________ Laconica-dev mailing list [email protected] http://mail.laconi.ca/mailman/listinfo/laconica-dev
