[milters] Archive

Lists Index Date Thread Search

Article: 245
From: Anthony Howe
Date: 2004-11-20 02:11:39 -0500
Subject: [Fwd: Re: Standardizing reputation query mechanisms]

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

I'm forwarding this from the ASRG IAR list to this list as it relates to 
milter-siq and the SIQ protocol indirectly. Someone may be interested in 
pursuing the up take of the GOSSiP project, participating in the ASRG 
IAR subgroup, and possibly looking into the use of the SIQ protocol or 
alternatives.
-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

            "Once...we were here."  - Last of The Mohicans



-- Attached file included as plaintext by Ecartis --
-- File: Re: Standardizing reputation query mechanisms

Return-Path: <sb0-074151de0a-iar-owner+M15=achowe=snert.com@asrg.sp.am>
Received: from xuxa.iecc.com (xuxa.iecc.com [208.31.42.42])
	by pop.snert.net (8.13.0/8.13.0) with ESMTP id iAJM6ZPM030336
	(version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=FAIL)
	for <achowe@snert.com>; Fri, 19 Nov 2004 23:06:53 +0100
Received: (qmail 16769 invoked by uid 85); 19 Nov 2004 22:06:34 -0000
Received: (qmail 16739 invoked from network); 19 Nov 2004 22:06:31 -0000
Received: from ribbit.roadtoad.net (209.209.8.7) by mail2.iecc.com with
  SMTP; 19 Nov 2004 22:06:30 -0000
Received: from tethys.bitshift.org (c-24-6-150-46.client.comcast.net
  [24.6.150.46]) by ribbit.roadtoad.net (8.12.9/8.12.2) with ESMTP id
  iAJM6Ham018253; Fri, 19 Nov 2004 14:06:18 -0800 (PST)
Received: by tethys.bitshift.org (Postfix, from userid 1001) id
  C811E84F86D; Fri, 19 Nov 2004 14:06:17 -0800 (PST)
Date: Fri, 19 Nov 2004 14:06:17 -0800
From: "Mark C. Langston" <mark@bitshift.org>
To: Robert Barclay <rbbarclay@gmail.com>
Cc: iar@asrg.sp.am, rand@sendmail.com, mengwong@dumbo.pobox.com,
        fenton@cisco.com, juan@port25.com, george@omniti.com
Subject: Re: Standardizing reputation query mechanisms
Message-ID: <20041119220617.GF63548@bitshift.org>
References: <2e6401b5041119131568a07645@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <2e6401b5041119131568a07645@mail.gmail.com>
User-Agent: Mutt/1.4.1i
X-Uptime: 1:48PM  up 78 days, 20:45, 5 users, load averages: 0.10, 0.06,
  0.01
X-DCC-IECC-Metrics: xuxa.iecc.com 1107; Body=1 Fuz1=1 Fuz2=1
List-Help: <mailto:iar-request@asrg.sp.am?subject=help> (List Instructions)
List-Unsubscribe: (Use this command to get off the list)
<mailto:iar-request@asrg.sp.am?body=unsubscribe%20iar>
List-Subscribe: (Use this command to join the list)
<mailto:iar-request@asrg.sp.am?body=subscribe%20iar>
List-Post: <mailto:iar@asrg.sp.am>
List-Owner: <mailto:owner-iar@asrg.sp.am> (Contact Person for Help)
List-ID: <iar.asrg.sp.am>
X-Loop: majordomo iar
Precedence: bulk
Sender: iar-owner@asrg.sp.am

On Fri, Nov 19, 2004 at 02:15:08PM -0700, Robert Barclay wrote:
> Lately, despite the low level of activity on this list, there has been
> a great deal of activity in the development of a new generation
> reputation services beyond the existing blacklist/whitelist paradigm.
> Several (including one I am working on) either are available in some
> state currently or are in development This is an exciting development
> for the email industry in general, but does present some challenges.

On that note, I'd like to make a brief announcement:  GOSSiP 0.8-beta is
available on sourceforge.net.  Please see
http://sourceforge.net/projects/gossip-project/ if you're interested.

Also, and perhaps as importantly, I'd like to announce that I'm stepping
down from leading the GOSSiP Project, and need to find someone willing
to take my place developing, guiding development, and evangelizing
GOSSiP.  I've accepted a new position, and as part of my employment
contract, I've agreed to cease my involvement in GOSSiP to preclude any
possibility of conflict-of-interest in a potentially competing product.

If you'd like to assume command of GOSSiP, please email me privately,
explaining how you intend to continue the work I've started.  If chosen,
you'll receive administrative access to the sourceforge.net project
(I'll need your sourceforge.net account name).


> The primary one is that most of these services are commercial to some
> extent or another which makes sharing information difficult.

This is why I made GOSSiP open-source, under the GPL.

> Despite this, an overwhelming concern I have heard from ISPs and MTA
> vendors is that each of the developing services is publishing its data
> in a slightly different way, and beyond that several protocols have
> been suggested as standards for querying this data.
> An area where it should be possible for all of us to work together
> without the problems of commercial damage is in development and
> deployment of a standard protocol for publishing and querying
> reputation data. This problem is much more complicated than it may on
> its face appear, because reputation services will have a much wider
> range of sematics than traditional blacklists. They will return
> different levels of granularity of data, from a single binary score,
> to a huge range of scores over individual data points or even
> customized scores for individual queriers. Or tey may provide a list
> of suggested actions to be taken. They may have a need to allow email
> receivers to guide the semantics of the query (e.g. I want elements
> x,y,and z but not the other 23).

I believe there was a proposal floated several months ago on the ASRG
AIR subgroup.  The draft was posted to that mailing list.  Perhaps it
would serve as a good starting point?

I could also briefly describe the GOSSiP query/response protocol, if
there's interest.

A note on my approach:  I decided to take advantage of the facilities
already present in the various MTAs (milters, policy agents, etc.)
rather than expect the MTA to bend to my needs.  I provide a
milter/agent/what-have-you that connects the MTA to a GOSSiP node,
formatting the RFC2821 information into a the GOSSiP protocol, and
translating the GOSSiP node's response back into instructions the MTA
understands (continue, delay, defer, bounce, drop, etc.)


-- 
Mark C. Langston                                 The GOSSiP Project
mark@bitshift.org                  http://sufficiently-advanced.net
generic factotum                          Distributed, Peer-to-Peer
http://bitshift.org                     
  E-mail Reputation System



Lists Index Date Thread Search