[ietf-dkim] on the scope and necessity of threat analysis
Keith Moore
moore at cs.utk.edu
Sat Aug 13 17:03:45 PDT 2005
Michael Thomas wrote:
> Keith Moore wrote:
>
>> If then only bad actors we were concerned about were phishers then I'd
>> agree. When we include spammers in the set of bad actors then the
>> situation becomes less clear. Making it slightly more difficult for
>> current bad actors to spam might well make spam considerably more
>> attractive for a much larger group of bad actors who don't mind
>> authenticating their spam.
>
>
> I'm sorry, but I do not see how this follows at all. Spammers are
> completely at liberty to identify themselves today. They don't
> have to forge their addresses, so why don't they join the fun
> today?
Many of them are doing so, which is why so many SPF messages are spam.
You appear to be assuming that the same bad actors who are spamming
today will be the ones who are spamming tomorrow. I am assuming that
there is a much larger set of people/companies who would like to spam,
but aren't doing much spamming now because under the current set of
conditions so much spam is trashy. Those people want to "raise the bar"
to discourage the current spammers in order to make it more acceptable
for them to spam. These people don't believe the products they want to
sell you are trashy, and they don't believe they have anything to hide.
But they still want to fill up your inbox with messages that will get
in the way of communications you want to participate in. Some of them
even believe that they have a right to fill up your inbox with such
messages.
Keith
More information about the ietf-dkim
mailing list