Great Circle Associates List-Managers
(June 1998)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: [spamtools] Spam Filtering and Messy Details.
From: "Ronald F. Guilmette" <rfg @ monkeys . com>
Date: Thu, 11 Jun 1998 13:52:11 -0700
To: spamtools @ abuse . net
Cc: List-Managers @ GreatCircle . COM
In-reply-to: Your message of Thu, 11 Jun 1998 14:18:10 -0500. <199806111918 . OAA11049 @ nuinfo . nwu . edu>

In message <199806111918 .
 OAA11049 @
 nuinfo .
 nwu .
 edu>, you wrote:

>It might be feasible to get public key signing of list messages
>folded into new releases of some list software...

Or maybe into a forthcoming RFC (?)

>...  But there would be a sigificant time lag getting it adopted.

Yes.

>The particular scheme you suggest sounded like it might be possible
>for a spammer to subscribe to a real list and re-use its 
>authetication header on spam, since you are only signing the
>Date: header, not the message body...

No, because the spammer would not actually ever be in possesion of the
_true_ list owner's private key.  Thus, he could not properly encript
the date/timestamp so that it would properly decrypt with the corresponding
public key.

>There's also the question ITAR and cyptography; though I think
>this can be bypassed if you can use a scheme that can only
>be used for signing and not for encryption.

History has shown that export from the U.S. is rarely if ever necessary
with these sorts of things.  You just get someone in some less anal location
than the U.S. (e.g. Europe) to write the code and put it up on an FTP site
there and then we Americans can _import_ it rather than exporting it.


-- Ron Guilmette, Roseville, California ---------- E-Scrub Technologies, Inc.
-- Deadbolt(tm) Personal E-Mail Filter demo: http://www.e-scrub.com/deadbolt/
-- Wpoison (web harvester poisoning) - demo: http://www.e-scrub.com/wpoison/


References:
Indexed By Date Previous: Re: Spam Filtering and Messy Details.
From: murr rhame <murr @ vnet . net>
Next: Re: Finding A Listowner
From: Chuq Von Rospach <chuqui @ plaidworks . com>
Indexed By Thread Previous: Re: [spamtools] Spam Filtering and Messy Details.
From: albert-lunde @ nwu . edu (Albert Lunde)
Next: Re: Spam Filtering and Messy Details.
From: Stan Ryckman <stanr @ sunspot . tiac . net>

Google
 
Search Internet Search www.greatcircle.com