Florian Weimer | 3 Sep 19:52 2005

Re: What is new about SAVE?

* Hadmut Danisch:

> As far as I can see, this looks almost exactly like the e-mail stamp
> proposal Bill Gates made on several conferences and several interviews
> before Microsoft came up with CallerID/SenderID.

Hashcash is even earlier prior art, I think.  IIRC, the main
contribution by Microsoft's researchers was a puzzle that stressed
memory bandwidth, and not CPU cycles, in the hope that this would be
fairer because memory bandwidth doesn't vary as much as CPU speed.
Florian Weimer | 3 Sep 19:57 2005

Re: What is new about SAVE?

* Hadmut Danisch:

> Two years ago Microsoft made exactly the same proposal (computer-
> _and_ human-solvable puzzles) and widely announced that the problem
> with spam would be gone within two years. 
> Now, two years later, we all know that they failed.

I'm being told that the spam problem has been solved.  Nowadays, you
can subscribe to extremely accurate filtering technology.

The remaining problem is how you can route legitimate spam past the
spam filters.  One solution using SPF looks like this:

email.bn.com.  IN TXT  "v=spf1 mx ptr include:dartmail.net -all"

(Dartmail is a legitimate bulk mailer, if such a thing exists at all.)
Bill Cole | 3 Sep 20:38 2005

Re: What is new about SAVE?

At 7:57 PM +0200 9/3/05, Florian Weimer wrote:

>(Dartmail is a legitimate bulk mailer, if such a thing exists at all.)

Then I guess no such thing exists, since they have a chronic 
multi-year habit of trying to spam my main address, multiple role 
accounts, and non-existent addresses here.

This points at why SPF and similar sender authentication systems are 
not by themselves useful for addressing the issue of spam, and why 
leashing them to net-wide reputation systems can only be marginally 
useful. You believe that Dartmail is legitimate, probably because 
they run some list you are on and want to be on and they have never 
spammed you.  I believe that they are hopeless spammers because they 
have sent me nothing but spam, have ignored complaints, and have at 
times had bogus 'opt out' URLs in their spams with non-resolving 
hostnames. You want their mail. I want them out of business. Who is 


Bill Cole
bill <at> scconsult.com
der Mouse | 6 Sep 08:04 2005

Re: What is new about SAVE?

> I'm being told that the spam problem has been solved.

Not so far as I can see.  I was away from my mailbox for about three
days and had about double the normal number of spams leaking through my

> Nowadays, you can subscribe to extremely accurate filtering
> technology.

Ah, so "solved" here means "available at extra cost, both monetary and
the price of depending on yet another third party to handle your mail"?

I must not have been at the meeting where that redefinition was passed.

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse <at> rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
Stephane Bortzmeyer | 7 Sep 17:24 2005

Re: What is new about SAVE?

On Sat, Sep 03, 2005 at 02:38:29PM -0400,
 Bill Cole <asrg2 <at> billmail.scconsult.com> wrote 
 a message of 29 lines which said:

> You believe that Dartmail is legitimate, 
> I believe that they are hopeless spammers 
> Who is right?

Both of you. SPF is an authentication technique, not an authorization
framework. Once SPF has authenticated Dartmail, what you do with their
messages is your business.
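
The split described above between authenticating a sender with SPF and deciding what to do with its mail, as an added example that is not part of the original thread. It parses the record quoted earlier and evaluates it against a constructed stand-in for DNS; the `ZONE` table, its address ranges, the dartmail.net record and the `disposition` policy are assumptions, and modifiers and macros are ignored.

```python
import ipaddress

RECORD = "v=spf1 mx ptr include:dartmail.net -all"  # record quoted in the thread
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed stand-in for DNS (assumption): documentation address ranges only.
ZONE = {
    "email.bn.com": {"record": RECORD, "mx": ["192.0.2.0/28"], "ptr": []},
    "dartmail.net": {"record": "v=spf1 ip4:198.51.100.0/24 -all"},
}

def parse_spf(record):
    """Split a record into (result_if_matched, mechanism, argument) terms."""
    version, *terms = record.split()
    if version != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    parsed = []
    for term in terms:
        qualifier = "+"                      # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mechanism, _, argument = term.partition(":")
        parsed.append((QUALIFIERS[qualifier], mechanism.lower(), argument))
    return parsed

def check_host(ip, domain):
    """Authentication step: first matching mechanism decides the SPF result."""
    addr = ipaddress.ip_address(ip)
    entry = ZONE[domain]
    for result, mechanism, argument in parse_spf(entry["record"]):
        if mechanism == "all":
            hit = True
        elif mechanism == "ip4":
            hit = addr in ipaddress.ip_network(argument)
        elif mechanism in ("mx", "ptr"):
            hit = any(addr in ipaddress.ip_network(n) for n in entry.get(mechanism, []))
        elif mechanism == "include":         # matches only if the included check passes
            hit = check_host(ip, argument) == "pass"
        else:
            hit = False
        if hit:
            return result
    return "neutral"

def disposition(spf_result, domain, local_policy):
    """Authorization step (hypothetical): each receiver applies its own policy."""
    if spf_result != "pass":
        return "reject" if spf_result == "fail" else "filter"
    return local_policy.get(domain, "accept")
```

Two receivers see the same SPF `pass` for the bulk mailer's address and still reach opposite decisions, because the second step is local policy rather than part of SPF.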
Gadi Evron | 22 Sep 21:19 2005

Call to Arms: Rita Scams

Good evening.

This is a notice from MWP, the malicious websites and phishing research
& operational mailing list.

Over the next few days some of us are going to process information
about sites that will probably be used for Rita scams.

Through MWP resources and ISP connections we are going to make sure
these sites are taken off-line as soon as we detect them.

Also, via reg-ops, an operational list for registrars, we are going to
see if we can get the domains terminated at the registrar level.

To accomplish this we don't want to rely only on our sources, but rather
issue a Call to Arms to the public. If you know of a new Rita Hurricane
Scam, please notify us by emailing me directly at ge <at> linuxbox.org with
the subject line "Rita Report", where we will be processing them for the
next week.

We hope to get the cooperation of several incident response mechanisms
both in the US and abroad. We will update you as we proceed and when we
are done.

If you run an incident response team that can handle Internet abuse and
would like to take part, please contact us as well.

Thank you for your help.

	Gadi Evron.
Gadi Evron | 23 Sep 00:13 2005

Rita Scams Call to Arms - Update

To report a Rita Phishing Scam to the MWP Call to Arms Rita Task Force, 
please contact:

US-CERT at soc <at> us-cert.gov
SANS ISC at handlers <at> sans.org

Gadi Evron | 23 Sep 21:17 2005

help us determine what's a Rita phish


You may have to choose a category (NEW).

For a MEDIA report on the effort:




My blog: http://blogs.securiteam.com/?author=6

"The third principle of sentient life is the capacity for self-sacrifice
--- the conscious ability to override evolution and self-preservation
for a cause, a friend, a loved one."
	-- Draal, "A Voice in the Wilderness", Babylon 5.
Amir Herzberg | 25 Sep 18:27 2005

An overview of cryptographic protocols to prevent spam

I wrote an overview of Cryptographic Protocols to Prevent Spam, 
available at http://eprint.iacr.org/2005/329. This includes a brief 
discussion of some non-crypto mechanisms as well.

I have tried to maintain a reasonable balance between accuracy and 
conciseness, and to be fair while not hiding disagreements, criticism 
and controversial issues. However, I am sure there is a lot that can be 
improved, and will appreciate comments and suggestions for improvements, 
and will try to incorporate them in the final version of this document.

I apologize for cross posting this message, please excuse this - I hope 
you won't consider me a spammer...

Best regards,

Amir Herzberg

Associate Professor
Department of Computer Science
Bar Ilan University
Try TrustBar - improved browser security UI: 
Visit my Hall Of Shame of Unprotected Login pages: 
Frank Ellermann | 25 Sep 19:14 2005

Re: An overview of cryptographic protocols to prevent spam

Amir Herzberg wrote:


About 640 KB PDF. It cannot be displayed by AcroReader 3.0
(obscure problem to extract an embedded font).  Bye, Frank

