Mailing List Archive: SPF: Discuss

updates from Foo Camp

Index | Next | Previous | View Threaded

mengwong at dumbo

Oct 14, 2003, 1:19 PM

Post #1 of 3 (276 views)
Permalink

updates from Foo Camp

In Vixie's eyes, the biggest challenge for SPF is getting enough people
to adopt it.

I'm quite sanguine about this: there are a fair number of reasons people
will be moved to publish SPF records: a fear of joe-jobs, a desire to
reduce bogus abuse@ complaints, a desire to protect the domain name as
brand.

And obviously people will perform queries simply because they want to
get less spam.

So at Foo Camp I got to speak with a number of people.

I spoke with Vipul of Vipul's Razor, and we agreed that a distributed
reputation service could be developed without too much fear of the
VeriSign scenario.

I spoke with Esther Dyson briefly and I will send her technical details
once the new draft RFC is ready.

I also spoke to Pravir Chandra from AOL Security. I know that sounds
scary impressive but he's actually a mean ping-pong player even drunk.
Also he was wearing a Strong Bad hoodie at the time. Anyway, he said
he'd be willing to pitch it to the AOL team once the configuration stuff
got simplified.

(I've personally observed friends of mine, very skilled technical
people, having difficulties setting up the reversed-IP records.
Obviously it's too complex. Fortunately, the new MX, A, and PTR
mechanisms described at
http://archives.listbox.com/spf-discuss [at] v2/200310/0121.html
should make everything much, much easier.)

In other news, we welcome luminary Eric S. Raymond to the list: among
his many accomplishments is Bogofilter (http://bogofilter.sourceforge.net/)
so I'm glad SPF has appeared on his radar.

cheers
meng

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡

dtrammell at citadel

Oct 14, 2003, 1:55 PM

Post #2 of 3 (273 views)
Permalink

RE: updates from Foo Camp [In reply to]

Meng Weng Wong wrote:
> In Vixie's eyes, the biggest challenge for SPF is getting enough
> people to adopt it.
>
> I'm quite sanguine about this: there are a fair number of reasons
> people
> will be moved to publish SPF records: a fear of joe-jobs, a desire to
> reduce bogus abuse@ complaints, a desire to protect the domain name as
> brand.
>
> And obviously people will perform queries simply because they want to
> get less spam.

Perhaps now is a good time to try to get some of the Australian ISP's
on-board?
http://www.theage.com.au/articles/2003/10/13/1065917342993.html

---
Dustin D. Trammell
Vulnerability Remediation Alchemist
Citadel Security Software, Inc.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@½§ÅvÂ¼ð¦¾Øß´ëù1Ií-»Fqx.com

mengwong at dumbo

Oct 14, 2003, 2:10 PM

Post #3 of 3 (274 views)
Permalink

Re: updates from Foo Camp [In reply to]

On Tue, Oct 14, 2003 at 03:55:46PM -0500, Dustin Trammell wrote:
|
| Perhaps now is a good time to try to get some of the Australian ISP's
| on-board?
| http://www.theage.com.au/articles/2003/10/13/1065917342993.html

Good idea. Anyone know anyone at Telstra?

I did a short presentation on SPF at Foo Camp. I started by making this
observation:

How many hardcore spammers are there? Some say only 200.

How many hardcore antispammers are there? Way, way more than 200.

This makes us antispammers look stupid. A community of maybe 20,000
smart geeks can't handle a problem caused by only 200 bad guys?

Vixie calls this "asymmetric warfare". The parallel is
guerilla/terrorist action: a single bad guy can build a car bomb at
home, drive it into an embassy, and blow up a committee of diplomats.
The good guys need to bring in helicopters, tanks, a whole command
hierarchy and a supply chain from toothpaste to toilet paper, and that's
even before they start doing anything in the field.

So obviously SMTP is flawed.

We need to tilt the playing field back in our favour.

That tilting process will hurt .forwards and traveling mailmen. But
times are changing, and forwarding companies and traveling mailmen have
to change with the times.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname@©#«Mo\¯HÝÜîU;±¤Ö¤Íµøˆ¡

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads