Vernon Schryver
vjs@calcite.rhyolite.com
Mon, 1 Apr 2002 13:36:25 -0700 (MST)
> From: "Tony L. Svanstrom" <tony@svanstrom.org> >> That may conflict with the fundamental idea of the DCC. That idea is that by > > reporting cryptographic checksums of lots of mail to clearinghouses > > regardless of whether it matches some pattern or came from some blacklisted > > source, bulk mail can be detected by all except the first first few targets. > > Yes, and I love the idea behind it all, but I have to use my lil compromise >until I feel that I can trust the system. I intend to apply whatever my idea of > a working solution is when done to a situation where a successfull attack just > isn't an option; and right now DCC is, to me, a high risk-thing. I do not understand what is meant by a "successfull attack" in this context. Have you read http://www.rhyolite.com/anti-spam/dcc/dcc-tree/dcc.html#Security ? If the concern is about false positives or rejecting mail that is not spam, then that is a non sequitur and suggests a continued misunderstanding of the nature of the DCC. Report checksums of all external mail is independent of enabling mechanisms to reject mail. I think minimal pruduence includes not enabling mail rejection for a month or two while monitoring what would have been rejected. If the concern is about privacy or security, whether trojan horses or leaking private information about the contents of mail, then the best and only reliable way to procede is to read and understand the code. > My biggest consern right now is the lack of information regarding how it > works. The primary information is all there in plain sight in the C source. I can see how the large number of English words might be too much of a good thing, but I don't know what to delete. Vernon Schryver vjs@rhyolite.com