[ietf-dkim] Re: DKIM and mailing lists

Douglas Otis dotis at mail-abuse.org
Thu Jan 19 10:48:44 PST 2006


On Jan 19, 2006, at 9:58 AM, Jim Fenton wrote:

> I believe that signatures from lists (and other third-parties) will  
> be more dependent on reputation and accreditation (and local white  
> lists and black lists).  This is because third-party signatures  
> allow messages to be signed by anyone, not just the originator's  
> domain, so it's more important to have some information indicating  
> that the third party is reliable. Domains that host many reliable  
> lists, like ietf.org, imc.org, mipassoc.org, yahoogroups.com, etc.  
> as well as those that operate other third-party signing  
> applications (evite.com, nytimes.com, ...) will generally be  
> whitelisted.  But it will be very easy for attackers to apply third- 
> party signatures from throwaway domains so domains with little  
> reputation will have difficulty getting their third party  
> signatures accepted.  This isn't a characteristic of DKIM, but is a  
> characteristic of how I expect it will be used in a few years.

The bad actors will have absolutely no trouble sending their spam  
through a list-server that is generally white-listed.  Yahoogroups  
have lists where participants are in the millions.  Once the bad  
actor reclaims their message, perhaps from the archive, they can then  
replay these spams world-wide and take advantage of the sterling  
reputation of the list.  How long will it be before that list's  
reputation becomes less than sterling?

A reputation service will have an inordinate effort sending out all  
the collected bad signatures attempting to keep ahead of all those  
messages sent through list-servers or via compromised systems in  
large domains.  Senders and recipients need to play a role in  
squelching this problem.  Senders need to keep track of where they  
sent abused messages that are being replayed and block-list those  
recipients.  Recipients wishing to keep from being block-listed would  
then ensure no user ever sees a valid incoming signature, but instead  
replaces these signatures with an MDA signature.  When done  
universally, the sources for replay abuse should be reduced to a  
point where efforts to contain the problem are not overwhelmed.

-Doug
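To make the replay concern above concrete, here is an added illustration (not code from the thread or from any DKIM implementation): a signature that covers the message headers and body, but not the envelope recipient, still verifies when the archived message is re-sent elsewhere, and a receiver-side counter of distinct envelope recipients per signature value can flag that reuse. An HMAC-SHA256 tag stands in for DKIM's RSA signature and all keys, addresses and the threshold are constructed assumptions.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumption: HMAC-SHA256 stands in for the RSA signature real DKIM uses;
# the point is what is covered by the signature, not the primitive.
SIGNED_HEADERS = ("from", "to", "subject", "date")


def canonicalize(headers, body):
    """Relaxed-style canonicalization: lowercase names, collapsed whitespace."""
    lines = [f"{h}:{' '.join(headers[h].split())}" for h in SIGNED_HEADERS if h in headers]
    body_hash = hashlib.sha256(body.strip().encode() + b"\r\n").hexdigest()
    return ("\r\n".join(lines) + "\r\n" + body_hash).encode()


def sign(headers, body, key):
    return hmac.new(key, canonicalize(headers, body), hashlib.sha256).hexdigest()


def verify(headers, body, tag, key):
    return hmac.compare_digest(sign(headers, body, key), tag)


class ReplayTracker:
    """Receiver-side check: one signature value seen across many envelope recipients."""

    def __init__(self, limit):
        self.limit = limit
        self.seen = defaultdict(set)

    def observe(self, tag, envelope_rcpt):
        # The envelope RCPT TO is outside the signed material, so it is the
        # only thing that changes between the original delivery and a replay.
        self.seen[tag].add(envelope_rcpt.lower())
        return len(self.seen[tag]) > self.limit


def demo():
    key = b"list-server-signing-key"  # constructed
    headers = {"from": "member@example.org", "to": "list@example.net",
               "subject": "hello", "date": "Thu, 19 Jan 2006 10:48:44 -0800"}
    body = "message body pulled from the list archive\r\n"
    tag = sign(headers, body, key)
    # Replay: signed material is untouched, so verification still succeeds.
    still_valid = verify(headers, body, tag, key)
    tracker = ReplayTracker(limit=2)
    rcpts = ["a@example.com", "b@example.net", "c@example.org", "d@example.edu"]
    flagged = [tracker.observe(tag, r) for r in rcpts]
    return still_valid, flagged
```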
