1998-03-17 - Re: Will New Sendmail Block Remailers?

Header Data

From: “William H. Geiger III” <whgiii@invweb.net>
To: “Robert A. Hayden” <rhayden@means.net>
Message Hash: 9e89247002a5cade340fcb175c33da74b30be90fcaa02471c873d25a1bd65d05
Message ID: <199803171540.KAA00760@users.invweb.net>
Reply To: <Pine.LNX.3.95.980317085417.19255A-100000@geek.net>
UTC Datetime: 1998-03-17 15:41:04 UTC
Raw Date: Tue, 17 Mar 1998 07:41:04 -0800 (PST)

Raw message

From: "William H. Geiger III" <whgiii@invweb.net>
Date: Tue, 17 Mar 1998 07:41:04 -0800 (PST)
To: "Robert A. Hayden" <rhayden@means.net>
Subject: Re: Will New Sendmail Block Remailers?
In-Reply-To: <Pine.LNX.3.95.980317085417.19255A-100000@geek.net>
Message-ID: <199803171540.KAA00760@users.invweb.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="Boundary..3990.1071713782.multipart/signed"

Content-Type: text/plain
Content-Transfer-Encoding: 7bit

In <Pine.LNX.3.95.980317085417.19255A-100000@geek.net>, on 03/17/98 
   at 08:58 AM, "Robert A. Hayden" <rhayden@means.net> said:

>On Tue, 17 Mar 1998, John Young wrote:

>> Markoff in the NYT reports today on the release of a new 
>> Sendmail upgrade by author Eric Allman that will block 
>> spam by checking the legitimacy of the originating address 
>> before delivery.
>> The report claims that spam is up to 10% of e-mail worldwide,
>> And that Sendmail is used on 75% of the computers that route 
>> e-mail, all of which are being fitted with the new program.
>> What are the chances that this will affect remailers or other 
>> means of eternal anonymity?

>Depends on how the remailer is set up.

>For example, I own the domain "geek.net".  If I set up a remailer and
>messages resolve to "anonymous@geek.net", I suspect it will get through. 
>I may need to also have an alias that /dev/nulls messages to
>anonymous@geek.net, but that is still a legitimate mailing address. 

>I think what they are trying to stop are spammers that have a return
>address like "fakename@fakedomain.com" or "your@best.friend".  Those
>wouldn't resolve and would just get shitcanned.

>IMHO, there's nothing _toooo_ sinister here, yet.  But vigilance is

Well I think this may add to the problem. All the spamers need to do is
start faking real e-mail addresses in the headers. So now you will have
alot of users bearing the brunt of anti-spam attacks and complaints who
had nothing to do with it.

William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/esecure.html                        

Content-Type: application/octet-stream; name="pgp00003.pgp"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="pgp00003.pgp"
Content-Description: "PGP signature"