Slashdot Mirror
Yahoo! Develops Anti-Spam Architecture
prostoalex writes "Yahoo!, the owner of one of the largest e-mail systems in the world, is said to be developing a cryptographic product that will be offered freely to mail servers. 'Domain Keys,' according to the Reuters article, would require the message sender to authenticate in order for message to come across a trusted e-mail network. The idea has been around for ages, however, it required someone from the big league like Yahoo! to step in." While Yahoo! isn't the first name that comes to mind when I think of trusted email, it's still a step in the right direction.
But ultimately one has to worry about the lock that Yahoo! might have on servers once they get it installed all over the place.
Could you imagine this becoming really popular and then Yahoo! getting bought by someone like oh say Microsoft? (or any other big commercial interest)
But how am I going to get my special penis enlargement information now? And what about that family matter I am resolving with Mr. Mobotu?
In all seriousness, I think this is a good idea. But, sadly, it's going to be cracked. Domain keys can be forged, and that will be the first thing that these spam servers will be focussing on right now. They'll set up a Yahoo acct and monitor traffic to see what the domain keys look like. They will then duplicate the acks and be back in business. It's only a matter of time.
This is a good step, no doubt. It is just that we should be looking at ways of putting spammers out of business, too. Hit their wallets, not their tech. Tech can always be worked around, especially by dubious people.
Instead of domain keys, I had a different idea that might work a lot better.
What if nobody sent email over the Internet?
Today we have the ability to use web forms to pass messages back and forth to other users on the same service. With that option, the server admin would be able to flag spammers and ban them. If you wanted to message another user of another server, you could type in their location as USERNAME@DOMAIN, and that would queue to be sent in batch to the other server after authentication.
No outside contact. No spam. One message per customer. If you send more than a certain number of messages in a day, they are held as possible spam.
Privacy goes out the window, but hey... it's not like there is any privacy in non-encrypted email anyway.
...you'll only be spammed by Yahoo??
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
$ telnet mx1.mail.yahoo.com 25
Trying 64.157.4.78...
Connected to mx1.mail.yahoo.com.
Escape character is '^]'.
220 YSmtp mta108.mail.sc5.yahoo.com ESMTP service ready
It looks like they run YSmtp, just like everyone else I know. In all seriousness, I'd imagine there isn't much of Yahoo's infrastructure that isn't highly optimized for Yahoo's own use. I think that Yahoo did a lot with FreeBSD at one time, but I'd presume whatever they have isn't just an out of the box app.
As long as it's an open standard that eventually becomes RFC3821, I'll be okay with it. But if it's one of those proprietary "pay us to participate" schemes, they can go jump. Oh, and there should be no scope for someone to say "pay us or we won't accept email from you.
Personally, I'd like to see two things.
1. The software Yahoo! is developing should be open-source, so nobody can monopolize it. At the very minimum, the protocols involved should be well documented so open-sourcers can make their own implementations if they have to.
2. Give this software a few months to propogate to a good chunk of the ISPs out there. Then, Yahoo! should announce that they will NOT accept any email that is not signed with this software. I'll guarantee that everyone will be using this new protocol in a matter of weeks, since no ISP wants customers screaming because they can't get mail through to Yahoo! accounts.
Meldroc, Waster of Electrons
I'm assuming that what is sent out is an encypted token for which the public key can be used to decrpyt, so:
So, the token to be encoded will change from mail to mail, thus making replay techniques pretty much impossible, I think. At least, that's the way I'd do it, and I'm pretty sure I've seen it presented before as well...
On the other hand, I ain't a security expert, so there's probably a gaping hole in the above
Simon
Physicists get Hadrons!
It can be open sourced, but that doesn't mean anything about preventing lock-in.
Presumably a 'domain key' is some cryptographic element that authenticates that your domain is who it claims to be. To me this sounds an awful lot like SSL where a third party issues the keys, or acts as a clearinghouse for self-issued keys.
Either way, Yahoo could be the man in the middle acting as either issuer or clearinghouse. Think of it this way, OpenSSL is open sourced, but that doesn't keep the SSL issuers from having a lock on that market.
If someone announced a cure for all cancers, this crowd would immediately dismiss it because it could possible be bought by Microsoft. You pimply-faced pessimists remind my of Eor from Winnie the Pooh.
One guy's take on why it won't work
The first time that I heard about a teergrube to use as a way to block -- or at least make it damned difficult for -- spammers I was intrigued at its simplicity. And tho' I find references to it all over the 'net, I don't think that it has been mainstreamed yet, and frankly I don't know why. Have spammers developed a counter to a teergrube? Or do mail admins simply not know enough about them?
Mit der Dummheit kämpfen Götter selbst vergebens.
when you think about it, BUT this should come from IETF or some other body not from a company. A few important points:
...
1) Who will issue the keys?
2) Is anonymous mail possible if the receiver allows it?
Furthermore spamming is a social problem emerging from our commercial world and technical solutions can never be 100%. What if:
a) I send spam from a "secure" domain?
b) forge certificates?
c) the certificates are too expensive? (like SSL, I think it should be included with a domain)
I like the "Bayes" spam filters best. You get 99.5% spam protection and keep anonymous mail.
We all see the need for authenticated senders (biz communication, etc.), but we should be careful
I use Yahoo mail and its very good.
They have a pretty good spam catching service.
It puts suspected spam in a "Bulk" folder. You can
review this folder or just like it get purged after 30 days. Nice. You can also click on the "its not spam" / "this is spam" buttons to help them tune.
They offer a SSL login and it was discuessed recently on Slashdot that they use the Javascriptcrypto library to calculate MD5's on the client side and send the digiest for seduvcity (maybe when you are not logging in with SSL).
You can check your POP3/IMAP mailboxes. The resources come back color-coded.
Good uptime. Always available.
It's free. You can enought resources for reseaonable use. But you can buy more if you want.
All this sounds exactly like a crypto-nerd and slashdotter would design a mail service. And this new thing is going to be opensourced!
First let them implement some user account verification, so that a RCPT TO: results in a 550 reply when that user does not exist.
This enables SMTP callbacks to stop spam being spoofed "from yahoo", just like everyone else does.
Okay, so they're developing a system that they'll release to open-source developers.... why not DEVELOP it in the open in the first place?
Ed R.Zahurak
You know, oblivion keeps looking better every day.
My experience over-all has been excellent, with on minor exception: This was from a google search on "yahoo marketing preferences", and pretty well sums up what happened. They basically reset user marketing preferences, twice in about 4 years if I remember correctly.
It was a bad decision IMHO, but easy enough to reset your preferences, here is yahoo's page on privacy, with links to reset your marketing preferences:
http://privacy.yahoo.com/
Other than this one issue, I've been very happy with Yahoo. Being able to check all my e-mail on one Web site for free is great. Never have lost any e-mails, no problems at all.
Bala Krishnamurthy at AT&T Labs has given a number of talks recently, including to the IETF, on a spam disincentive program he calls SHRED. My understanding is that it uses offline cryptographic computation to amortize this overhead and distribute it to parties willing and able to devote the computational resources.
In any case, the tag line for this article had it right, standardizing this will be hard and heavy-hitters like Yahoo will need to take the lead. But a key problem is getting the new system to interoperate with the old.
Mencken had it right. So glad that's old news.
I don't see how lock in will be an issue. Imagine the following scenario:
I can't see how this would neccesitate a clearinghouse.
a thing to remember is that if someone can prevent a spammer from communicating based on identity (or lack thereof), you can be silenced as well.
This is why I have put my efforts into sender-pay systems and specifically the camram project. We invite you to please come and join us in the effort to build a decentralized, user-friendly, freedom-of-speech supporting antispam system and hit spammers in the pocketbook.
camram antique documentation (too busy writing code to write new documentation)
The authentication token would likely be some sort of hash of the message contents. In that way, a token is only valid for that particular message. The sender would generate a checksum of the message, encrypt it with a private key, then transmit the encrypted checksum as the token. The receiver would generate the same hash of the message contents, and decrypt the token with the public key. If the decrypted checksum equals the generated checksum, then one can be confident that the message came from the server it said it came from.
Would you rather choose a Yahoo product over an open standard that is under development? I'm speaking of AMTP, of course. (See AMTP author's site).
Yahoo's size doesn't give that much weight to their proposal. Yahoo's email is not used in business to business communication (do not count hot dog stands as businesses), so businesses can just aswell block everything that originates from *@yahoo.com if it is not directed to their consumer service department.
Also, reverse mx records provide much of the same benefits with minimal alterations needed to current email infrastructure. One DNS record added and small change in MTA software.
If Yahoo would really like to do a service to the internet community, they should rather consider looking AMTP and reverse mx records.
I joined two users too late.
The way the IETF and other standards bodies have worked is that some organization wouldtry out a new concept for a technology and once they feel the concept is working, they will create a Request For Comments (RFC) which allows others to implement and offer feedback. Over time the RFC gains support and ultimately becomes a recommendation.
This process was used to create the internet today, including all of the network protocols and services that run on top of it. Even SMTP was an RFC first.
Brennan Stehling - http://brennan.offwhite.net/blog/