[PLUG] what is the point of PGP-signed emails?

Jason Van Cleve jason at vancleve.com
Thu Dec 11 10:56:01 UTC 2003


Quoth Zot O'Connor, on Wed, 10 Dec 2003 21:40:44 -0800:

> Keith needs to post the Mugu baiting site.  Believe it or not, most of
> the return emails to the Nigerian scams are monitored by the sender
> and you can start a conversation up with them.  Try it, it's fun!

Keith?

> In order for that to work in the signed email world, they would have
> to maintain the sender key for future emails.

I see.  Or they could just generate a new one in those cases.  Savvy
users will notice the discrepancy, of course, but then, most people who
reply to spam are not savvy.  In any case, it would be easy to obscure
an incriminating set of keys, should the trail need to be covered.

> > (Then again, if it does serve to incriminate the sending machines,
> > that would only mean rooted and RAT-infested machines would become
> > the primary MO.  That doesn't sound very nice.)
> 
> This is true of any criminal catching tool.

But a solution which doesn't encourage hacking would surely be
preferable.

> > But if you think your solution is worthwhile, I'd be interested in
> > reading a complete description.
> 
> First get everyone using keys, then I will write it up :)

Aye, first give me the chicken, then I'll produce the egg!  Anyway, this
is getting a tad complex, so let me try to get it straight.  Email servers
(SMTP?) would require a razor-PGP-like filter, and unsigned emails would
be filtered categorically.  Those signed with a key that is known to the
razor service/network and in good standing, would be forwarded without
delay.  Emails signed with an unknown key would be held in queue for a
period of time, a sort of probation.  If during that time the key were
not reported as abusive--to the specific service/network being applied
(or would that be universal?)--then the mail would be shuttled along to
the recipient, and otherwise it would be filtered.  At some point, after
some number of successful deliveries, a key would achieve a "known"
status.

The following problems seem to remain:

If all the mail servers are stalling emails for our hypothetical two
hours, who in that time will read and report them as spam?  It would
have to be a large subset of users, for every spam is not sent to
everyone.  I suppose it would be voluntary, and if enough people get
tired of doing it and revert to waiting themselves, the plan will fail.

If the two-hour wait period is effective after all, spammers will resort
to signing each email with a new key, rendering the probationary period
moot.  (Or they will send only a small number of emails per key, which
would be about as effective.)  You say the process of generating keys
will slow them down appreciably.  I doubt it.  Spammers are
sophisticated assholes.  And all of this will encourage them to hijack
other people's machines to do their work.

Another possibility is that a spammer will generate a key, send a few
legitimate, hi-how-ya-doin' type emails to his friends (if he has any)
in order to make the key "known", then use it to send five million
penis-pill ads, many of which will reach their destinations before
razor-pgp knows what hit it.


I'd like to know if there is any feasibility to the idea of a universal
web of trust, where users worldwide would have to join, or their emails
would be filtered by default.  Thus unknown keys would never be
delivered at all.

--Jason

--
If you drink, don't park, accidents cause people.
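
The filtering policy summarized in the message above, modelled as an added example (not part of the original post, and not code from Razor or any PGP tool). Assumptions: signature verification has already happened upstream and yields a key fingerprint, the "known" threshold is 3 deliveries, and all class, function and key names are hypothetical.

```python
from dataclasses import dataclass, field

PROBATION_SECONDS = 2 * 60 * 60  # the thread's hypothetical two hours
KNOWN_AFTER = 3  # assumed; the post says only "some number" of deliveries

@dataclass
class KeyRecord:
    deliveries: int = 0
    abusive: bool = False

@dataclass
class ProbationFilter:  # hypothetical name
    keys: dict = field(default_factory=dict)   # fingerprint -> KeyRecord
    queue: list = field(default_factory=list)  # (release_time, fingerprint, msg_id)

    def report_abuse(self, fpr):
        self.keys.setdefault(fpr, KeyRecord()).abusive = True

    def receive(self, now, fpr, msg_id):
        """fpr is the fingerprint of an already-verified signature, or None."""
        if fpr is None:
            return "filter"                      # unsigned: filtered categorically
        rec = self.keys.setdefault(fpr, KeyRecord())
        if rec.abusive:
            return "filter"
        if rec.deliveries >= KNOWN_AFTER:
            return "deliver"                     # known key in good standing
        self.queue.append((now + PROBATION_SECONDS, fpr, msg_id))
        return "hold"                            # unknown key: probation

    def release(self, now):
        """Decide every held message whose probation period has ended."""
        decided, waiting = [], []
        for due, fpr, msg_id in self.queue:
            if due > now:
                waiting.append((due, fpr, msg_id))
            elif self.keys[fpr].abusive:
                decided.append((msg_id, "filter"))
            else:
                self.keys[fpr].deliveries += 1
                decided.append((msg_id, "deliver"))
        self.queue = waiting
        return decided

def unreported_new_keys(n):
    """Constructed run: n messages, each under a never-seen key, no reports."""
    f = ProbationFilter()
    for i in range(n):
        f.receive(0, f"CONSTRUCTED-KEY-{i}", f"msg-{i}")
    return [verdict for _, verdict in f.release(PROBATION_SECONDS)]
```

In this model the only input that ever turns a held message into "filter" is report_abuse() arriving before the probation ends, which is the dependency on volunteer reporters that the first listed problem questions.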



