[LINK] NYT/SMH: To beat spam, pay to send email
sjenkin at canb.auug.org.au
Wed Feb 4 19:00:42 EST 2004
[I tried to post this earlier today & it seems to have failed]
Sorry, but a simple scheme of 1c/e-mail cannot work. The notion behind it
Proof is trivial: Spammers _take over_ client systems to send their mail.
[They don't all use open relays]. Spam e-mail will be billed to the
owner of the compromised system. Will these people want to sue
Microsoft, who they can find, or the spammers they can't find?
Corollary: What isn't Spam easy to kill?
You can't detect it.
Why? Because the sender is forged, the subject line is (intentionally)
misleading and the mail is not identified (tagged in the headers).
In my quick scan of the piece, I didn't notice if this was addressed.
It has long been a serious offence in all (?) jurisdictions to tamper with
or forge real mail. It would be good to apply a similar standard to
e-mail, and that can only be done by digitally signing mails. Curent MTA's
can't afford to confirm signatures match 'From' lines...
Do I have a definitive solution? Sorry, no. [I've seen many proposed]
And I don't have a proof that one can't be built.
[The trivial proof is that ONLY completely secure computer is not
[connected to anything. Therefore, no completely secure network services
[can be built because any of the components could be
[compromised,subverted, spoofed or overwhelmed.
['Digital Security' is always required to be perfect - real world systems
[aren't perfect and 'reasonable' risk is accepted
The Universal ID problem Roger raises [Australia Card echos?] is good.
Until Microsoft can produce _impeneterable_ systems, and force their users
to run them securely, any scheme based on 'provable' identity will fail.
Could we attack the problem other ways?
- Denial of Service attacks against sites is unethical and trivially
- For spammers trying to sell 'product', I'd like to be able to click-thru
to the site and enter a variant of my credit card details that caused the
transaction to be flagged and no charge made to me. [Can't give me any
money or it would be misused].
- For spammers not selling and not giving physical or cyber addresses, how
do you trace back to them??
What we don't have currently is 'Spam Free Zones' - networks of MTA's that
don't send Spam and trust one another. Connections into/out of Zones
could be via a small number of MTA's. Zone can interconnect over SSL or
similar by exchanging public key certificates countersigned by ?????.
Only 'outside' mail needs to be examined...
There are multiple problems with this:
- 'mole' MTA's setup specifically to get inside
- intentional pollution of Zones
- comprimise, spoofing etc of Zones
- Single point of failure & Denial-of-Service attack against public MTA's
- "Hard shell, soft center" problem - all defences in one place.
Thanks to Roger for passing on this good article.
On Wed, 4 Feb 2004, Roger Clarke wrote:
> [An excellent review article. The SMH reckoned it was so clear and
> interesting that it actually put it on the front page. But it has a
> chilling element to it. See the embedded comment]
> Paying for email
> The Sydney Morning Herald, re-published from NYT
> Date: February 4 2004
> Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
> Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
> Tel: +61 2 6288 1472, and 6288 6916
> mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
> Visiting Professor in the eCommerce Program, University of Hong Kong
> Visiting Professor in the Baker Cyberspace Law & Policy Centre, U.N.S.W
> Visiting Fellow in Computer Science, Australian National University
> Link mailing list
> Link at mailman.anu.edu.au
Steve Jenkin, Unix Sys Admin
0412 786 915 (+61 412 786 915)
PO Box 48, Kippax ACT 2615, AUSTRALIA
More information about the Link