1 / 4

Role of Authentication

Levels Identity A label What the label refers to Authentication Validate the identity Who is doing the validation Authorization Alloow/deny from history, opinion, enforcement. Identities MTA IP SMTP client EHLO Domain SMTP client Provider IP SMTP client site Mail-From Bounces address

loe
Download Presentation

Role of Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Levels Identity A label What the label refers to Authentication Validate the identity Who is doing the validation Authorization Alloow/deny from history, opinion, enforcement Identities MTA IPSMTP client EHLO DomainSMTP client Provider IPSMTP client site Mail-FromBounces address FromAuthor SenderPosting agent ReceivedHandling sites Role of Authentication D. Crocker Apricot – KL,2004

  2. Presumed-Author “Author” registers MTA From Sender Mail-From DNS record is domain of author Provider Network MTA IP registered by network hosting it DNS record is in-addr.arpa record for IP address of sending MTA Alternate MTA Registrations D. Crocker Apricot – KL,2004

  3. Concerns about “Author” Based MTA Registration • Administrative challenges for many usage scenarios • Imagine equivalent restrictions for postal mail or telephony • Does not work for mobile laptop, kiosks, other 3rd-parties • Not really “authentication” and not really useful beyond Spam • And deployment is expensive • Some proposals redefine email semantics • Mail-From, … • Sender re-writing • Limits ability to do real store-and-forward • Last MTA before receiver analysis must be Mail-From registered • “Policy” publishing service • Receivers cannot give highly differential handling in large scale D. Crocker Apricot – KL,2004

  4. Universal crackpot spam solution rebuttal* This is a very funny checkbox-based form-letter for responding to crackpot spam solutions, proposed in message-board posts. For the whole form, see: <http://craphound.com/spamsolutions.txt> Your post advocates a ( ) technical ( ) legislative ( ) market-based ( ) vigilante approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)… *Thanks to Robert Berger D. Crocker Apricot – KL,2004

More Related