Forgot your password?
typodupeerror
The Internet Security Spam Your Rights Online

Yahoo Submits DomainKeys Draft To IETF 350

Posted by timothy
from the you-may-be-surprised-to-receive-this-draft dept.
NetWizard writes "According to a mailing list post at the IETF, Yahoo's website and a Wired News story, Yahoo has made the DomainKeys draft public and submitted to the IETF." Russ Nelson explains "Basically, your MTA uses RSA-SHA1 to sign the headers and body of your email and inserts that signature before sending the email. The recipient MTA looks up $selector._domainkey.$domain in the DNS, gets your public key, verifies it, and inserts a notice. There's also a SourceForge project for a DomainKeys library." An anonymous reader asks "It seems to me that it doesn't offer anything more than the Sender Policy Framework by pobox.com, other than doing relay-based signing of the messages to provide the sender verification. SPF has already grown to over 14,000 domains so far and only requires an addition to your DNS to support (from the sending side). Verifying messages on the receiving MTA is as simple as doing a DNS lookup, most MTAs can support SPF now, the code is available and well tested. What advantages to people see in Domainkeys over SPF that are actually useful, and what standard should people implement?"
This discussion has been archived. No new comments can be posted.

Yahoo Submits DomainKeys Draft To IETF

Comments Filter:
  • Expensive... (Score:3, Insightful)

    by Anonymous Coward on Wednesday May 19, 2004 @10:07AM (#9194896)

    Basically, your MTA uses RSA-SHA1 to sign the headers and body of your email and inserts that signature before sending the email. The recipient MTA looks up $selector._domainkey.$domain in the DNS, gets your public key, verifies it, and inserts a notice.

    Computationaly that sounds mighty expensive...
    • Re:Expensive... (Score:4, Interesting)

      by Anonymous Coward on Wednesday May 19, 2004 @10:17AM (#9194982)
      Even better, because then spam won't be possible if it's computationally intensive.
      • Re:Expensive... (Score:3, Insightful)

        by NoMercy (105420)
        It's not that computationally expensive, but yes if your sending or reciving milions of unique emails it could get to be quite a pain to process, lucklly for spammers as long as they keep most of there emails for that day identical they only have to hash it once say, but then they'd still need a valid domain to spam from.

        The bigest problem is DoS attacks against mail servers by using crafted emails designed to be greater than normally dificult to hash and/or check the signature there-of. And of course if y
      • Re:Expensive... (Score:4, Insightful)

        by Corgha (60478) on Wednesday May 19, 2004 @12:53PM (#9196351)
        spam won't be possible if it's computationally intensive

        A common fallacy; the actual situation is just the opposite. Spammers don't use their own computers to send spam. They use hordes of virus-infected Windows machines. Compute costs them nothing or at most some small fee to a virus writer over IRC.

        Legitimate organizations use expensive, highly-available, rack-mounted servers. They actually care if they lose a message due to machine failure, and they can't illegally use someone else's machines to do the work for them. Compute for them is very expensive.

        Making SMTP more computationally expensive just hurts the good guys. The only reason this proposal has any merit is that it's imposing this penalty to get some other benefit, authentication from the signing, which will actually help identify legitimate mail, since the spammers can't do the computation at all without the private key.
    • by jefp (90879) <jef@mail.acme.com> on Wednesday May 19, 2004 @01:40PM (#9196732) Homepage
      Why do people keep saying SPF is based on IP addresses? Here's my SPF string: "v=spf1 a mx a:safe.acme.com a:widget.acme.com a:pill.acme.com -all" Do you see any IP addresses in there? I don't. SPF is based on domain names.

      And another thing. People keep complaining that SPF and other similar schemes won't stop spam cause spammers use hijacked machines. Duh! What these schemes will stop is worms, not spam. That also explains why Microsoft is interested - rather than fixing their god damned software so it's secure, they want to fix everyone's email so that broken Microsoft software isn't quite so annoying. Well, whatever.
      • The only verified data that one has about the sender with SPF is the IP address. The A records in your line all resolve to IP addresses (that's what an A record does; it turns a domain name into an IP). The MX resolves to a domain name (which resolves to an IP address). Thus, SPF (and Microsoft's Caller ID system) just verifies that the sending IP is allowed to send for that domain.

        Domain keys does not check the senders' IPs to verify them. Instead, it uses a digital signature. The difference between
  • To understand... (Score:5, Interesting)

    by Mz6 (741941) * on Wednesday May 19, 2004 @10:08AM (#9194903) Journal
    OK... It seems that SPF would have a little easier setup, only requires setup on one side. While DomainKeys would have more of an upfront cost to get it working and setup costs on both sides. However, pobox.com has theirs software up an working while Yahoo only has a working document to offer proof of concept. I would like to see Yahoo's example up and running and see how it would compare once out in the wild.
    • Re:To understand... (Score:2, Informative)

      by Anonymous Coward
      We're using the DomainKeys library for some weeks now with qmail on a Solaris 9 box. It seems to work quite well though of course it hogs a little bit of CPU power. It's worth it though!
    • Re:To understand... (Score:5, Informative)

      by tanguyr (468371) <tanguyr+slashdot@gmail.com> on Wednesday May 19, 2004 @10:24AM (#9195040) Homepage
      Not only that, but SPF also seems more flexible. Domainkeys seems limited to making sure that the from header was not forged and that the SMTP machine used is on that domain's approved sender's list. Don't forget that SPF allows you to say "any machine may send mail from my domain as long as the mail is digitally signed" - or "any machine with an MX record in my domain may send mail for that domain" (which you could update withoput having to regenerate keys, etc)

      In short - SPF looks like the more elegant solution.
      • Re:To understand... (Score:5, Informative)

        by Russ Nelson (33911) <slashdot@russnelson.com> on Wednesday May 19, 2004 @10:57AM (#9195298) Homepage
        DomainKeys signs the entire message, not just the From: header. DomainKeys lets anybody send regardless of IP address as long as they have a private key whose public key is published under that domain. A domain may have multiple keys, and generating a new key takes but a second.

        The trouble with SPF is that it's based on IP addresses, and forwarding completely breaks SPF. That's why they need SRS in order to be able to forward at all.
      • by jgardn (539054) <jgardn@alumni.washington.edu> on Wednesday May 19, 2004 @01:55PM (#9196860) Homepage Journal
        Domain Keys principle weakness is in a replay attack. Here's how to do it.

        A spammer sends a single email from his Yahoo! account to himself. He takes the sent message, encrypted with domain key, and then sends this message billions of times to servers across the planet. Since the message is encrypted with Yahoo!'s domain key, it is apparently authorized by Yahoo!.

        Domain Keys without SPF won't work, because SPF says which servers are allowed to send email, while domain keys just says an email was signed by a particular key. If Yahoo! had SPF records as well as domain key records, the spammer would have to infiltrate a valid Yahoo! mail server to send the mail.

        • That attack could work, since I'm pretty sure Domain Keys doesn't sign the envelope.
          Yahoo could immediately disable that account, but the spammer could continue to resend the same message. The 'To:' header would likely show only a no longer valid email address for the spammer. The 'From:' would of course be an ex-valid Yahoo account, probably created with bogus info.
          But given that the messages would have to be completely identical, solutions like DCC (http://www.rhyolite.com/) would help.
    • However, pobox.com has theirs software up an working while Yahoo only has a working document to offer proof of concept. I would like to see Yahoo's example up and running and see how it would compare once out in the wild.

      While working implementations are essential, they are by no means sufficient for estimating the effects of Internet-wide adoption of the proposed solution. Therefore the quality of the theoretical discussion matters a lot too.

      When e-mail was first deployed, there was hardly any spam at

  • Email needs to get a few new features like gpg or this to fight spam, viruses and spoofing pranks.

    And it better be an open solution not a proprietary one.

    The only way I can see something like this happening though is if a few major backers get behind the same thing and most mta's/clients (depending on what the agreed upon implementation is) start supporting it.
    • People in the geek community have been pushing for use of OpenPGP as a mechanism for sorting mail for years.

      You don't want to restrict mail that's not signed, but you can assign non-signed mail a lower "trust" value than signed mail. There will be a dis-incentive to digitally sign mail as a spammer since spammer signatures will soon be found out.

      If they sign mail with a new key- the value will be similarly neutral.

      PGP web of trust isn't about value of the person, but is the person who we think they are.
    • Because the gateway would not be able to scan the messages for viri... only the end users could see what the content was.

      Imagine what it would be like if everyone right now had encrypted email by default so hitting send automatically fetched a users public key to encrypt the data.

      Viruses would start using the same methods to encrypt email going to all those users. There would be more viruses getting through to users than there are now since gateways would not be able to scan the email.
  • PGP? (Score:2, Insightful)

    by nathanhart (754532)
    Why not just use pgp or something of the sort?
    • Re:PGP? (Score:4, Insightful)

      by grub (11606) <slashdot@grub.net> on Wednesday May 19, 2004 @10:15AM (#9194973) Homepage Journal

      "OK, Grandma, now type in your PGP passphrase. Ensure it's very long and made up of alphanumerics, symbols and control characters. Make sure you don't forget it..."
      • "OK, Grandma, now type in your PGP passphrase [...]

        At least you don't have to wait too long until you can pry her private key from her cold, dead fingers...

        • At least you don't have to wait too long until you can pry her private key from her cold, dead fingers

          I don't know about you, but I prefer to stay well away from my grandma's privates.
      • Re:PGP? (Score:3, Interesting)

        by eric76 (679787)
        Why not have the e-mail server generate a PGP or GPG key to sign e-mail for authenitcated users who don't sign their own e-mail.

        The purpose would be to prove to the recipient that the e-mail came from someone who authenticated themselves as the person listed as the sender. You couldn't use it for non-repudiation purposes.
    • The problem is distributing keys. This is an answer - distribute them with DNS.

      Unfortunately many ISPs force all outgoing mail to go through them (including mine), which means filtering on the sending MTA is rather crude - e.g. you can either allow or disallow all mail from hotmail.com.

    • Re:PGP? (Score:3, Insightful)

      by Russ Nelson (33911)
      Haven't we been saying that for a decade now??
      -rw-r--r-- 1 nelson users 751 Jan 12 1995 /www/russnelson/pgp-key
      Has it worked yet? How many emails in your INBOX are PGP-signed?
  • Patent Licensing (Score:2, Interesting)

    by Anonymous Coward
    Can anyone see if it has a harmful patent license like Microsoft's Caller-ID?
    There's more info on why CID's patent license is harmful at the boycott caller id for email [boycall-em...ler-id.org] site.
    • Re:Patent Licensing (Score:5, Informative)

      by Anonymous Coward on Wednesday May 19, 2004 @10:13AM (#9194956)
      It's probably better:

      Yahoo! will grant a royalty-free, worldwide, non-exclusive license under any Yahoo! patent claims that are essential to implement or use any Implementations so that licensees can make, use, sell, offer for sale, import, or yodel Implementations; provided that the licensee agrees not to assert against Yahoo!, or any other Yahoo! licensees of Implementations, any patent claims of licensee that are essential to implement or use any Implementations.


      Microsoft's implementation requires you to sign away your right to sue them for any patent claim and doesn't allow you to sublicense the technology (ie: GPL/LGPL/BSD-incompatible). This one is less agressive.
    • Re:Patent Licensing (Score:2, Interesting)

      by Mz6 (741941) *
      Good info.. However it mihgt be nice to post the actual address without the misspellings. boycott caller id for email [boycott-em...ler-id.org] site.
  • by Anonymous Coward
    I barely have the patience to hold down CTRL when I hit Enter to send emails.

    God fuck me in the ass if I'm going to be required to do all that other crap.
    • This is a very good point.

      Any sort of additional user verification/etc used to try to limit spam and other undesirable mail needs to be transparent otherwise many people (like 3/4th of my family) will decide that e-mail is too hard to use and no longer worth it.
      • Have your family decided that doors are too hard to use if you have to unlock them, and moved to a house with no locks?
        • Have your family decided that doors are too hard to use if you have to unlock them, and moved to a house with no locks?
          Well, as long as we're running with bad analogies...
          If you go in/out of said door 200 times a day, do you lock it every time? If so, you may want to see a mental health professional about that OCD.
  • by Anonymous Coward on Wednesday May 19, 2004 @10:10AM (#9194931)
    SPF breaks forwarding. Domainkeys doesn't. That alone is a serious enough problem that I can't implement SPF.
    • Yes it breaks forwarding but they have ways to make it seamless for users by using a
      Sender Rewriting Scheme [pobox.com]
      • This still doesn't seem like the right solution. I have a Yahoo.com email address. I send all my email from own SMTP server, or via my ISP. I suppose this would require re-writing the MAIL FROM: in the SMTP envelope and leave the FROM: in the message header as my Yahoo address. Then of course the sender in the envelope wouldn't match the sender in the header, and some MTAs are configured to block such messages.
        • I feel for you, really, but look at it from another angle. You probably already have one email address: the one your ISP gave you. For all intents and purposes, that's your canonical identity when you're on the Internet. Now, if you want me to send email to your Yahoo! address instead of your ISP account, then give me that address and set a Reply-To: header in your email client to point to it. However, understand that as a mailserver administrator, I'm not terribly interested that you don't want to provide your "real" identifying information to my server or my customers. If you want to contact me or my users, then I want to know your "real" name.

          In the real world, people are known by a certain name. They may ask people to call them by another name, but certain legal entities (banks, loan companies, etc.) will insist on having access to that person's official identity. This is vaguely similar to what SPF proposes.

          • You probably already have one email address: the one your ISP gave you. For all intents and purposes, that's your canonical identity when you're on the Internet.

            Umm, no, not even close.

            I have an address at ISP (foo@isp.net). I never use it, since it's incovenient to access, plus it gets a ton of spam.

            I have several addresses at my domain (foo@mydomain.com, bar@mydomain.com, etc.). I do use them actively.

            I have a work address (foo@company.com) which I also use actively.

            I have a couple of yahoo addresse
            • by Otto (17870) on Wednesday May 19, 2004 @02:29PM (#9197208) Homepage Journal
              The job of a mailserver admin is NOT to decide who's allowed to send mail to the users and who's not. If a user asks (e.g. block all but this whitelist), sure. But absent a request from the user, you have no rights to decide which email goes through and which is blocked (with obvious exceptions for things like viruses).

              You are a mailserver admin -- that's a SUPPORT position. You don't decide what your users are allowed to see and you have no rights to demand to know the real name of people who are not even your users, but are just sending email to them.


              I'm sorry, but you are incorrect. The mailserver admin is acting on behalf or (or may be in fact) the owners of the hardware that the mail in question is travelling through. That gives them every right to decide, by any standards they like, what mail they accept or don't accept.

              This is a simple question of property rights. My property, my rights.

              As far as what the users want, sheesh, it's like you just don't trust market forces anymore.. If the admin blocks too much, the users get pissed and find a new ISP. It's a self-correcting problem.

              It is the mailserver admin's job to ensure the correct operation of the mailing system, and the owners of the system get to decide what "correct" means. Deal with it.
      • by ajs (35943) <<moc.sja> <ta> <sja>> on Wednesday May 19, 2004 @12:17PM (#9195984) Homepage Journal
        SPF/SRS have serious problems including the inability to hop through more that 1-2 relays before the from address becomes a problematic amount of data (multiple cryptographic hashes).

        SPF is about overloading existing slots in RFC2822 and DNS in order to cram authentication data into the protocols. The link above cites an alternative that is about replacing the existing protocols with brand new ones.

        Both are, IMHO, poor solutions and DomainKeys might just be the correctl long-term solution.

        Personally, I was working on a proposal for a way to use existing headers [ajs.com] by adding a slightly out-of-band channel for authenticating mail, but if DomainKeys beats me to it, sounds fine to me.
    • Solveable problem (Score:3, Informative)

      by mccrew (62494)
      True, but that's a solveable problem [pobox.com].
  • by Anonymous Coward on Wednesday May 19, 2004 @10:12AM (#9194945)
    But doesn't this miss the point of spam?

    Based on articles refered here on Slashdot, I'd assumed a major source of spam were machines that have been compromised. Spammers use known lists of unwitting relays to forward spam through legitimate hosts.

    Email today will tell me the name of the host where something came from, that doesn't really help. At best, I could (a) contact the owner of the domain (which I can do today) (b) develop a list of open relays that I won't accept mail from (which I can do today).

    It seems to me the net effect of this is to limit email to large ISPs. It won't be good enough for me to buy a T1 and run my mail server from there, I'll have to rely on Yahoo, MSN, AOL, Comcast and a few others to be my MTA because people won't accept mail from a small provider (or a single point system) any more.

    • by eric76 (679787) on Wednesday May 19, 2004 @10:25AM (#9195048)
      There is no need to limit e-mail to the big ISPs. Are you suggesting that all the corporations and smaller ISPs purchase e-mail services from the bigger companies? What would that accomplish?

      The major source of spam are machines that are compromised is true. The vast majority of such machines are not mail servers at all. Shunning all the small providers and companies might help reduce spam somewhat, but at an enormous expense.

      If you accept e-mail only from legitimate e-mail servers, regardless of the size of the ISP or company, you would accomplish pretty much the same thing.

      By the way, if the big ISPs have the market cornered on e-mail services, what makes you think they would be anti-spam? The larger reason that they are anti-spam is because of being blocked by the vast numbers of smaller ISPs and companies who pioneered the use of blacklists. Take away that and the big ISPs would love spam because they would be able to collect more money from their captive audience based on the volume of mail handled for that company or smaller ISP.
    • I think what you're missing is that the majority of those zombie boxes are not set up with mail servers prior to infection. Yes, it may be an extra hoop to jump through when setting up a mail server, but I think something like this will indeed differentiate between spam (at least from zombie boxes) and legitimate email.

      I'll reserve judgment on the effectiveness of this particular system, and I'm sure there are loopholes (there always are), but I like the concept.
    • by CustomDesigned (250089) on Wednesday May 19, 2004 @10:35AM (#9195118) Homepage Journal
      Neither SPF nor Domain Keys directly addresses spam. They both prevent forgeries, aka "joe jobs". SPF stops envelope forgery. DK stops mail header forgery. The vast majority of AOL spam is not sent via AOL. That is why AOL is an early adopter of SPF. I have gotten death threats from people who are sick of getting spam I supposedly sent them. If SPF were widely implemented in MTA's, they would never get such forged mail. When SPF becomes widely implemented, spammers can publish SPF records also - in fact many already are. But now you can use the domain registration to track the source of the spam. This facilitates prosecution of scams, and blacklisting of unwanted spamming vendors.
    • by Otto (17870) on Wednesday May 19, 2004 @10:58AM (#9195315) Homepage Journal
      It won't be good enough for me to buy a T1 and run my mail server from there, I'll have to rely on Yahoo, MSN, AOL, Comcast and a few others to be my MTA because people won't accept mail from a small provider (or a single point system) any more.

      Sure they will. With SPF, for example, you setup the SPF rule for your domain to allow that domain to be a sender of mail for the domain.

      You will need to have your own domain, I admit.
  • by Anonymous Coward on Wednesday May 19, 2004 @10:13AM (#9194949)
    I'm the SysAdmin of an ISP. We had to turn off SPF after some users couldn't send e-mail to people that used mail forwarders. For instance, if someone has a domain 'foo.com' that sends all mail sent to it to 'foo@verizon.net', and foo.com resides outside of verizon.net, my users wouldn't be able to send him mail if Verizon uses SPF.

    SPF is junk. The number one priority of e-mail: Legit mail must reach the recipient.
    • by Mz6 (741941) * on Wednesday May 19, 2004 @10:22AM (#9195021) Journal
      Info from the SPF site on forwarding...

      "Forwarding services and web-generated email sites need to deploy SRS. Pobox.com, for instance, has already integrated SRS into its bespoke MTA using Mail::SRS.

      Hobbyists who provide .forward or /etc/aliases services will also have to get an SRS-enabled MTA.

      Sites that do not do .forward or /etc/aliases forwarding to remote sites will not need to do a thing.

      Once a majority of forwarding setups are SRS-compliant, SPF publishers can change their defaults from "neutral" or "softfail" to "fail". "

      Seems like for fowarding to work.. one method has to become a standard.. And we need to do it right this time. The above text says that everyone would have to install their software to get forwarding to work.

      • by ajs (35943)
        SRS is a hackish, and harmful solution to a hackish and harmful protocol kludge (SPF).

        I'm sorry, it was a good attempt, but it's just not going to fly given how disruptive it is. Worse, it's disruptive at a distance, so enabling SPF and dutifully enbabling SRS to compensate still forces your users to track down their forwarders and force THEM to use SRS before the scheme works.

        Broken systems thwart adoption. I don't know if DK is the solution, but I'll give it a chance. I already gave SPF a chance, and ha
    • You've gotta be kidding me. SPF requires SRS [pobox.com] for folks who use forwarding services. This is all over the website. It's also pretty clear from what I've seen that *all* the good solutions to the forged email problem will break forwarding as we do it today. That's just the way it goes. We can't afford to be as trusting today as we could when email was invented. It sucks, but it's reality.

      Yes, folks need to implement things properly. That's largely why SPF has different fail modes, so you can slowly ph
    • We had to turn off SPF after some users couldn't send e-mail to people that used mail forwarders.
      Then why didn't you set the all parameter to "~all" instead of something else? The tilde makes it soft fail. Then violations will not be rejected; they will be accepted. It sound like you set it to "-all" which means fail if there isn't a match.
    • You should not have turned SPF off. You simply needed to set the default for your domain to "?all". Furthermore, the problem you describe is not with SPF, but with an incorrect implementation of SPF at the receiver. It is incorrect to block mail from a known forwarder. The recipient sets up the forwarder (except for sender forwarder like greeting websites which are a different matter) and the recipient is responsible for whitelisting any forwarders they have set up which do not implement SRS.

      If they

  • What advantages to people see in Domainkeys over SPF that are actually useful, and what standard should people implement?"

    The only additional standard this needs is a "caliber".

  • SPF breaks relaying (Score:5, Informative)

    by Mr. Slippery (47854) <tms.infamous@net> on Wednesday May 19, 2004 @10:15AM (#9194971) Homepage
    other than doing relay-based signing of the messages to provide the sender verification.

    SPF's handling of relays is broken: [pobox.com]

    But that breaks forwarding!

    Yes, it does. You'll have to switch from forwarding, where the envelope sender is preserved, to remailing, where the envelope sender is changed. But don't worry, we're working on providing SRS patches for the four major opensource MTAs, so that when you upgrade to an SPF-aware version, this problem will be solved also.

    If DomainKeys takes care of that, I'd choose it over SPF in a heartbeat.

    • by eric76 (679787) on Wednesday May 19, 2004 @10:36AM (#9195129)
      I think it is far superior to SPF.

      You have a known e-mail server that can vouch for each e-mail that it sends on behalf of it's customers. It is far tighter than SPF.

      The one problem with domainkeys (based on my understanding of it) is that it just verifies that the e-mail came from the domain. It doesn't verify that the sender is the real sender.

      What I'd prefer is for the e-mail servers to generate a separate PGP or GPG key for each user for signing the e-mail and signing only those e-mail sent by an authenticated user on the machine.

      And instead of providing the key by DNS, extend SMTP to handle a key request.

      When your server received an e-mail, say from joeblow@example.com, it would check the signature. If the public key for that sender wasn't cached, it would connect to the host the e-mail would come from if it is legitimate and request the key for that user.

      It could also be done via mail. Send a request to joeblow-publickey@example.com and the sender would automagically reply with the public key for joeblow@example.com.

      And it would be possible for a user to provide his public key to the server for it to use. That way, he could sign his own message instead of the e-mail machine.
  • by bagel2ooo (106312) on Wednesday May 19, 2004 @10:22AM (#9195016)
    I know this perhaps sounds silly. Could someone perhaps keep bouncing messages off the MTA and using the signed messages from that to try to decrypt the cipher and such? If a system is compromised (i/e: with a virus/worm) couldn't the technology be defeated via that as well? Signing messages like that sounds like a good idea but when you have weaker links or loopholes that aren't readily being fixed or are being ignorant by apathetic admins how does one handle that?
    • by -brazil- (111867) on Wednesday May 19, 2004 @10:59AM (#9195318) Homepage
      Could someone perhaps keep bouncing messages off the MTA and using the signed messages from that to try to decrypt the cipher and such?


      A really good cipher is resistant even against such a "chosen plaintext attack"; furthermore, it's trivial to defeat such attacks completely by inserting a meaningless random element.


      If a system is compromised (i/e: with a virus/worm) couldn't the technology be defeated via that as well?


      Not nearly as easily as now, since it requires cooperation from the DNS server.

      • furthermore, it's trivial to defeat such attacks completely by inserting a meaningless random element.

        No. If your cipher is good, then you don't need to add random junk to prevent known plaintext analysis- and if it's bad, then the random element won't protect you.

        (All the random effect can do is shift the position of the known plaintext within the encrypted message. This will at most increase the effort to brute-force by a factor of message length, so you can do better by choosing a superior cipher.
    • Good points, but:

      a) If your keys are stolen you can just update your DNS info with new keys, it'll only take a few days to propagate, and DNS security is reasonable to strong.

      b) If a particular ISP is misbehaving, you can blacklist them, or filter them more agressively by other means. Once you know for sure who everyone is, blacklisting becomes much easier and much less damaging.

      c) Cryptographic signing is well understood, large key sizes are practical, hardware acceleration is cheap, and signing/verifyi
  • by Anonymous Coward on Wednesday May 19, 2004 @10:22AM (#9195022)
    The post above has the wrong URL. The site that describes the patent issues with caller id for email is actually boycott-email-caller-id.org [boycott-em...ler-id.org].

    It has a brief mention of domainkeys as well.
  • by Distan (122159) on Wednesday May 19, 2004 @10:23AM (#9195034)
    Cut to the chase. Is this going to make it any harder for me to send and receive email from my small (2 person) domain?

    • Not for many years, and by then your MTA will have implemented DomainKeys.
      • I assume that the open source MTAs most of us are using can quickly support this (I use postfix).

        But, I'm using the DNS server from my registrars ( domaindirect and NetSol ) so, I would need them to support this. Or, I would have to host my own DNS or switch to a DNS host that supports this.

        Also, another common problem of small mail servers is reverse lookup. My static DSL IP address reverse maps to a name from my ISP. Is there any dependency on this, or does it use domain names from the e-mail headers
        • Yes, you will need the ability to publish TXT records. SPF, EMail Caller ID, FreeS/WAN, and DomainKeys all require TXT records, so you won't be the only person beating up your DNS service to get the ability to publish them.

          No, DomainKeys does not require reverse DNS.
          -russ
  • by CustomDesigned (250089) on Wednesday May 19, 2004 @10:25AM (#9195052) Homepage Journal
    SPF validates the envelope from, and can be checked before the DATA phase of SMTP. Domain Keys validates the rfc822 headers, and can't be checked until after SMTP DATA.

    You want to implement both. SPF detects envelope forgeries before you have wasted much bandwidth. You can then use right hand side blacklists on sender domains. Yes, spammers too are adopting SPF. This is OK - those who like spam have something other than instinct to warn them when they are dealing with a scammer instead of a spammer. Those who hate spam can ignore it more efficiently.

    Domain Keys validates the message headers. It protects you against forgeries by users in the same domain - e.g. a spammer on yahoo forging an innocent party on yahoo. SPF can also detect envelope sender forgeries from the same domain in conjuction with SES (Signed Envelope Sender) - which adds a crypto cookie to the local part.

    You should implement SPF first. It is simpler, and eliminates most forgeries before SMTP DATA. SPF requires sepcial consideration for forwarders (SRS [pobox.com] - Sender Rewriting Scheme) or whitelisting.

    DK is a good addon for large ISP domains like yahoo and aol, but is broken by forwarders or mail processing tools that modify the body. For instance, my DSPAM [nuclearelephant.com] bayesian filter adds "tags" to messages.

    • Correct me if I'm missunderstanding SMTP (or just making things up), but once a message enters the DATA phase, isn't an MTA supposed to accept it? Aren't rejects during or after DATA supposed to be handled by bouncing rather than returning a failure error code to the sender? Which is the good thing about doing rejects before DATA as that forces the sender to deal with the problem.

      Somebody please correct me if I'm wrong ;)
      • by AnotherBlackHat (265897) on Wednesday May 19, 2004 @11:39AM (#9195694) Homepage

        Correct me if I'm missunderstanding SMTP (or just making things up), but once a message enters the DATA phase, isn't an MTA supposed to accept it?


        Consider yourself corrected.

        RFC 2821 in section 4.2.5 Reply Codes After DATA and the Subsequent <CRLF>.<CRLF>
        makes it clear that if an error code is returned after the final '.' then the receiver is specifically not supposed to handle the message, and any bounces are therefore the responibility of the sender.

        -- this is not a .sig

  • Yet another YRO... (Score:2, Insightful)

    by DragonMagic (170846)
    Yet another Your Rights Online that doesn't have anything to do with alerting the Slashdot crowd that perhaps one of our basic rights in the electronic age is being infringed or will be degraded to the point that someday it will be gone.

    This is a way, it seems, to help prevent spoofed header information in spam. I'm certainly glad that right is not infringed, thanks Slashdot.

    Really, the constant usage of YRO for these kinds of articles is diluting the effectiveness that YRO is supposed to handle. Keep the
  • by duncanthrax (149400) on Wednesday May 19, 2004 @10:26AM (#9195060) Homepage
    1. Domainkeys does not break forwarding.
    2. Domainkeys can be used either on the MUA or the MTA, for both sender and recipient sides. This makes it possible to still use 3rd party relays.
    3. Domainkeys spoof-protects the domain in the "From:" header field, which is what Joe Sixpack sees in his MUA application.

    Domainkeys does have the problem that you can't add headers to messages without re-signing them. If you re-sign them you must also rewrite the "From:" header. This will affect mailinglists.

    Domainkeys will not ultimatively solve the spam problem, but it is better than the broken SPF.
    • Can you explain why you feel SPF is broken? Is it because of forwarding? From your own post it appears domainkeys is broken because you can't add headers without re-signing the message. I don't see the difference. No anti-forgery effort is going to be compatible with how how email works today. Something is going to have to change for improvements to happen.

      Not trolling here. I just want you to back up your "broken SPF" statement.

    • Only broken SPF implementations break forwarding. It is incorrect to block mail from a known forwarder. If no mechanism to whitelist non-SRS fowarders is known, and mail could be forwarded, then SPF must not block any mail. The SPF results are still available through the Received-SPF header for use by content filters.
  • by That's Unpossible! (722232) * on Wednesday May 19, 2004 @10:32AM (#9195104)
    SPF tries to assure the sender of the message (MAIL FROM, return-path, whatever you want to call it) is legitimate. DomainKeys can be used to assure the author of the message (From: header) is legitimate.

    I quote this from the very top of the SPF FAQ [pobox.com] itself:

    "Protecting authorship information is an important goal. However, the technical issues associated with protecting the "From:" header are much more numerous and challenging. The best way to protect the header "From:" is by using a cryptographic signature such as S/MIME, PGP, or (when it is released) Yahoo DomainKeys."
  • by Anonymous Coward
    What advantages to people see in Domainkeys over SPF that are actually useful, and what standard should people implement?

    Marginally better in theory because the sending hosts can change without requiring DNS changes, but in truth neither approach has much of a hope of affecting spam in any significant way. Might as well standardize over SPF which is the more estabilished method, instead of fragmenting further.

    Still, even if all of the sender verification and SMTP hardening methods were to be universally

    • You'd just get 100%-authenticated emails from 1stmortgageusa.biz and naturalviagra4u.com.

      Bring it on. Fully-authenticated emails would make it a heck of a lot easier to verify that something isn't a joe-job and kick someone off the network. It'd also make it easier to blacklist stuff without huge amounts of collateral damage.

      Unfortunately, it sounds like this method would make receiving and sending emails more cpu-time expensive.. but the trade-off isn't as bad as many of the other "solutions".
  • SPF requires you to send mail from certain IP addresses or at least relay it via certain servers. Sounds to me like the Yahoo! proposal does it without this requirement.
    Not bad, but far more complexity.
    Do I really want all this extra code in my small, secure qmail-smtpd binary?
  • Where's the beef? (Score:2, Insightful)

    by Anders Andersson (863)
    I admit that I haven't studied the proposal in detail, but if all it does is guarantee that the sender address isn't spoofed, then it's hardly a significant improvement over the present situation.

    We have the client IP address of incoming mail already, and that address is hardly ever spoofed. Is it helpful to us? No, not as long as the client ISP refuses (or is actually unable) to disclose to the recipient who was using [123.45.67.89] at that time. Are we to believe that the ISP will react differently when
  • by notsoclever (748131) on Wednesday May 19, 2004 @10:51AM (#9195235) Journal
    SPF seems to be an IP-address-based whitelist mechanism. Which means that every possible host which might be serving as an MTA needs to be listed in my whitelist. That's all well and good for a home or office user, but what about when you travel and you're stuck sending mail from, say, the hotel's port 25-filtered network which requires that you use their SMTP server? And what happens when someone just uses that SPF record to see which systems will relay email for my domain and then just uses that server to send out lots of spam which looks like it originates from me, and then even worse is "proven" to be authentic?

    smtpauth isn't always an option, and most DNS hosting providers don't make it terribly convenient to keep on adding and removing temporary TXT records as necessary, nor would a company's IT department be terribly happy about needing to do the same for corporate travellers.

    What needs to happen instead is a domain having a public key registry (probably provided via NAPTR records; just do a NAPTR query on, for example, username.example.com and then get either NXDOMAIN or the public signature) and then signed messages. Of course, the fun thing then is the limit of the size of an NAPTR record, so it'd have to be a pretty small key. For this purpose I don't think it's necessary to have more than a 128-bit key or so, though, especially since discarding keys is so trivial (just set a TTL of 30 on the records and use dynamic DNS updates or whatever).

    • by RT Alec (608475) * <{moc.elkcuhc.todhsals} {ta} {cela}> on Wednesday May 19, 2004 @11:13AM (#9195461) Homepage Journal

      You should not be using the hotel's SMTP server, or any other SMTP server except the one for your domain. Your SMTP server should accept initial mail submission (which is different than mail relay) on something other than port 25! 587 or 465 (SMTPS) work quite well (I strongly suggest SMTP+AUTH+TLS/SSL).

      Now your mail originates at the same server all the time, and SPF will work just fine since that IP address is in the SPF record. Your roaming issues are taken care of as well, no more reconfiguring your client software as you move from access point to access point.

    • by FrostedWheat (172733) on Wednesday May 19, 2004 @12:31PM (#9196138)
      And what happens when someone just uses that SPF record to see which systems will relay email for my domain and then just uses that server to send out lots of spam

      Your email server is an open relay? If so, you've got bigger problems than SPF. If you mail does not reply anything coming in from the Internet, then you should not have any problem.

      As for remote users, set them up to use SASL SMTP on port 587. That way only they can relay mail from outside your own network.
  • advantage over SPF (Score:3, Interesting)

    by theonlyholle (720311) on Wednesday May 19, 2004 @11:00AM (#9195335) Homepage
    I think the main advantage over SPF is that this approach doesn't break forwarding as horribly as SPF does. Yes, you can do envelope rewriting for forwarded messages, but Yahoo's approach doesn't require that *all* the servers along the way support it.
  • by CustomDesigned (250089) on Wednesday May 19, 2004 @11:22AM (#9195546) Homepage Journal
    I am dismayed at how often this misunderstanding has been repeated here.
    • If the receiver does not check SPF, then no mail is rejected and forwarding is not broken.
    • If the receiver does check SPF, but doesn't use any forwarders, then forwarding is not broken.
    • If the receiver does check SPF, but uses only forwarders that implement SRS [pobox.com], then forwarding is not broken.
    • If the receiver does check SPF and uses a non-SRS forwarder, but uses a whitelist to avoid rejecting mail from that forwarder, then forwarding is not broken.
    • If the receiver check SPF and uses a non-SRS forwarder, but configures their MTA to reject mail from that forwarder, then their incompetence will result in rejected mail. How is this the fault of SPF?

    • I am dismayed at how often this misunderstanding has been repeated here.

      * If the receiver does not check SPF, then no mail is rejected and forwarding is not broken.
      * If the receiver does check SPF, but doesn't use any forwarders, then forwarding is not broken.
      * If the receiver does check SPF, but uses only forwarders that implement SRS, then forwarding is not broken.
      * If the receiver does check SPF and uses a non-SRS forwarder, but uses a whitelist to avoid rejecting mail from that

  • SPF/DK is wortless (Score:3, Interesting)

    by apavel (544053) on Wednesday May 19, 2004 @11:23AM (#9195555) Journal
    It is known that most spam-sending machines is trojaned computers on broadband networks with clueless owners.

    I think the only way this problem can be solved by ISPs with firewal between Internet and end-users. And may be sell unfirewalled connection to power users.

    With SPF/DK spammers will just register bogus domains ($30 and may be even less for single domain in .com with possible endless subdomains), configure SPF/DK DNS records and send spam.

    As always, sorry for my bad english, I hope you understod me :-)
  • As long as... (Score:5, Insightful)

    by .@. (21735) on Wednesday May 19, 2004 @11:26AM (#9195579) Homepage
    As long as SPF breaks forwarding (and as long as SPF supporters behave as though this is no big deal), it'll fail.

    SRS is nothing but re-hashed bang-pathing, and the SRS folks don't address any of the problems inherent in bang-pathing.

    Show me a Unix system that doesn't use /etc/aliases! (postmaster and abuse accounts, anyone?)
  • by Just Some Guy (3352) <kirk+slashdot@strauser.com> on Wednesday May 19, 2004 @11:27AM (#9195588) Homepage Journal
    I admin several FreeBSD mailservers. I've added SPF records to the DNS for all of my domains, but I'd like to start using it to tag incoming email. Unfortunately, I'm not having much luck finding Sendmail milters (or other plugins) that 1) aren't written in Perl and seem to require half of CPAN, or 2) don't require much patching of Sendmail itself.

    Are there any lightweight milters that would work under FreeBSD that I could use to start using SPF on production systems? While I certainly won't be filtering out unknown mail at this time, I'd like to start inserting result headers to see how accurate it is in the real world.

  • by ahg (134088) on Wednesday May 19, 2004 @11:39AM (#9195693)
    I find the broken forwarding to be the biggest problem with SPF. -- Their solution SRS, rewriting the Envelope addresses so that the middleman then handles all the bounces seem like a definite kludge. (You can read about it here [pobox.com]

    As someone who provides hosting for small companies and usually uses /etc/mail/virtusertable to forward mail for customer domains, I don't want my setup/setup tools broken by having to implement a more complex mechanism and in turn have a higher server load handling bounced messages when a client's mail box is filled.

    While I haven't read the DomainKeys proposal, it has occurred to me before that a variation on SPF with encryption could be implemented without having to extend the ESMTP protocol. TTBOMK (To the Best of My Knowledge) ESMTP allows you to send parameters following the "MAIL FROM" command and these parameters would be preserved as part of the message envelope when forwarding. It would seem to me that an PGP/GPG, private key, encrypted string sent as a parameter would allow updated MTAs to verify the original source by decrypting the string with the orignating servers published public key. How does one publish their public key? Simple, use the TXT record in DNS (similiar to SPF's use of DNS). At the same time, this shouldn't in anyway break compatability with receiving SMTP servers that don't recognise the new parameter.

    While I haven't RTFA, this has been on my mind for a while, as a "better than SPF" solution and I'm sharing it here. How do you think it stacks up to SPF/DomainKeys?

In a consumer society there are inevitably two kinds of slaves: the prisoners of addiction and the prisoners of envy.

Working...