On Wed, Sep 17, 2003 at 04:35:07PM -0500, Tim Legant wrote:
> This system is unable to distinguish between mail from a new sender
> and challenges generated by other C/R users who received SPAM with a
> forged envelope sender.
I would actually use multiple headers so this is not a
problem.
Let me walk you through an example.
I send you a message. It has the following header:
X-TMDA-Message-Id: MSG11111.abcdefg
You receive the message. TMDA challenges it because I am not
on your white list. The challenge message contains the following
headers:
X-TMDA-Message-Id: MSG22222.aeiouy
X-TMDA-Challenge-Id: MSG1111.abcdefg
My TMDA receives the message from your TMDA. My TMDA sees the
X-TMDA-Challenge-Id. It knows that the message is a challenge. It
knows it does not need to send the message to me. It needs to either
Affirm or Disown the message. My TMDA looks at the anaylizes the
X-TMDA-Challenge-Id to see if it is cryptographically valid. (The
signature on the X-TMDA-Challenge-Id could also include "To" address,
the "Subject" and the "Date", so that spammers would not be able to
reuse a X-TMDA-Message-ID that I would always validate. Or,
alternatively, I colud keep a database of all the X-TMDA-Message-ID I
had generated and match challenges against that database. Whatever -
the exact implementation does not matter, and I can always beef it up
later.)
Okay if my TMDA decide to Affirm the message, it sends you a
message with:
X-TMDA-Message-Id: MSG33333.bcdfgh
X-TMDA-Affirm-Id: MSG11111.abcdefg
Your TMDA recieves the message. It sees the X-TMDA-Affirm-Id
and knows it does not neet to challenge the message. If the
X-TMDA-Affirm-Id message matches the id of a pending message, that
message is delivered. If there is no matching id, the affermation
email is deleted.
Alternatively, my TMDA could disown the message with:
X-TMDA-Message-Id: MSG44444.zyxwvu
X-TMDA-Disown-Id: MSG11111.abcdegf
Your TMDA could automatically process this message, as well.
TMDA knows it does not need to challenge this message.
> Without a standard it will be even more difficult/expensive for
> spammers to maintain software that identifies and properly replies
> to many, varied types of challenges. This is also a good thing.
Without a standard:
* C/R does not interoperate with mailing lists and automated mailings.
* Humans have to manually respond every challenge.
* Only savvy users, who understand all the different types of
disposable email addresses can use C/R effectively.
* C/R cannot become a solution that everyone can use.
If that is what you want C/R to be, then you do not need a
standard. Which, BTW, is a totally acceptable position to take.
-Matthew.
______________________________________________________________________
[EMAIL PROTECTED]
_____________________________________________
tmda-users mailing list ([EMAIL PROTECTED])
http://tmda.net/lists/listinfo/tmda-users
