CircleID

Comments

Fight Spam With the DNS, Not the CIA

• Comment posted Sep 28, 2003 6:16 am PDT — by Matthew Elvey
  Some of the more advanced RMX-style systems should have legs.  Please acknowledge that there are some that are better than yours, and endorse the best one, so we can get to a consensus and get it broadly implemented.  The system…

ICANN and DOC Announce New Three-Year Agreement

• Comment posted Sep 28, 2003 6:31 am PDT — by Matthew Elvey
  No editorial?  Here's mine:  This is a sad day.  They've done nothing meaninful re. VeriSlime's many transgressions, of which the *.com grab is but one.  They never pressure registrars to terminate domains with blatantly false contact info used by spammers. …

Reaction to VeriSign's New 36-Hour Deadline

• Comment posted Oct 04, 2003 6:55 pm PDT — by Matthew Elvey
  Having read the competing proposals from various organizations, and based on rich experience with Verisign (including visiting the very secure offices where they manage the GTLDs) I am confident that there are several other groups that could take over management…

The Accountable Net: Who Should Be Accountable?

• Comment posted May 03, 2005 8:02 pm PDT — by Matthew Elvey
  Esther, I noticed that the ICANN NomCom is open for recommendations for a bunch of posts*.  Are there any folks here that you'd recommend for the posts?  That you'd like to see in the posts (an interestingly different question!) ICANN's…

Port 25 Blocking, or Fix SMTP and Leave Port 25 Alone for the Sake of Spam?

• Comment posted May 16, 2005 8:36 pm PDT — by Matthew Elvey
  John said: "I have yet to see a response which says, these are serious issues." Response from whom? I certainly said this on spf-discuss: http://www.gossamer-threads.com/lists/spf/discuss/19008?do=post_view_threaded#19008 the draft has gross flaws. I wonder how "Bruce" would handle the "nightmare scenario" I…

• Comment posted May 03, 2005 7:47 pm PDT — by Matthew Elvey
  I'd like to challenge John's two criticisms of CSV: 1)It doesn't take into account SOHO users. 2)A significant fraction of mail servers don't HELO/EHLO properly. aren't valid. Consider one user of elvey.com, my dad. He mainly sends email from 4…

• Comment posted Apr 23, 2005 7:34 pm PDT — by Matthew Elvey
  I no longer support SPF either. For my lastname domain, instead of simply removing the SPF records, I put in some interesting active commentary - slowly resolving records*.  For customers, I did what you did - removed the SPF records.…

Address Policies

• Comment posted Aug 01, 2005 6:49 pm PDT — by Matthew Elvey
  In case it wasn't clear: I agree that the RIRs are both relatively and absolutely well-run.  I think it's appropriate to assume the line has been crossed into deliberate falsehood, and then figure out how to go from there.  Recent…

• Comment posted May 14, 2005 11:08 pm PDT — by Matthew Elvey
  Great introduction. It would seem that the critical issue that Zhao's proposal intends to address is one of *allegedly* poorly run RIRs.  It would seem that the critical issue of the proposal is the consequences of the incentive for policy…

Sitting Around the Domain Table

• Comment posted Jun 14, 2005 3:39 pm PDT — by Matthew Elvey
  Bodyguards for Bob? With the number of customers he has*, and with the many positions he boldly takes (taking one is controversial and the norm is not to), I'm not surprised.  (He's ticked me off with some of them, even…

The Philosophical Case for Expanding the Domain Name Space

• Comment posted Jun 14, 2005 3:22 pm PDT — by Matthew Elvey
  NAME RECOGNITION Philosophically, the only 'purpose' of most new TLDs (e.g. .name, .aero, .pro, .coop) is simply to create a domain with a different favoritism bent from the current set. I think there should be fewer new TLDs than there…

SPF Loses Mindshare

• Comment posted Aug 13, 2005 4:11 am PDT — by Matthew Elvey
  wayne: SPF3 (like CSV) still seems to be orders of magnitude easier to deploy than SPF*.  SPF works well (ignoring the forwarding, security, etc. problems for the moment) if every legitimate domain appearing in a MAIL FROM has an appropriate…

• Comment posted Aug 11, 2005 7:55 am PDT — by Matthew Elvey
  Golding: There are alternatives to SPF that are better and 'ready to go'.  Even my hybrid draft from last September is better than today's SPF: http://elvey.com/draft-ietf-marid-spf3-00.txt ...not that I'm terribly proud of it, but I do know that Google's gmail…

So You Think You're Safe from DNS Cache Poisoning?

• Comment posted Aug 25, 2005 11:18 pm PDT — by Matthew Elvey
  Looking at the DNS software a few ISP servers claim to be running didn't give me a warm fuzzy feeling. Is it appropriate to probe and publicize a wall of shame/list of vulnerable servers?  I think so.  The bad guys…

Time to Play Offense

• Comment posted Sep 09, 2005 8:42 pm PDT — by Matthew Elvey
  I wonder if there is any malware out there that only attacks, or avoids attacking, IPs based on the believed location of the IP.  It would be exceedingly easy.  I believe malware already exists that only attacks allocated IP space.…

• Comment posted Sep 09, 2005 8:35 pm PDT — by Matthew Elvey
  Interesting stuff.  Certainly sounds like a mess; reminds me of two recent issues: 1) the American who rotted in Iraqi jail for around 2 months because no one in the military was willing to make a decision.  (Interviewed on one…

Should the Government Prepare a Preemptive Cyber-Attack?

• Comment posted Feb 16, 2006 8:19 am PST — by Matthew Elvey
  What do you mean by "Should"?  Is it possible? Ethical? A good idea? I can think of a couple highly effective offensive cyber-attack strategies the US could use in a war with another country. Given that the US doesn't care…

You Paid to Join; You Can Leave Anytime

• Comment posted Nov 09, 2005 12:44 am PST — by Matthew Elvey
  As long as we're discussing the USA being able to call all the shots: 1)To what extent has this improved today?  I understand that there are lots of peering points around the word, but I'd say at least half of…

DMA Requires Email Authentication, Do We Care?

• Comment posted Nov 09, 2005 12:10 am PST — by Matthew Elvey
  I'm happy to see them promote Email Authentication, but it's not a big deal because it's not a hard requirement.  Plus, there's no effective enforcement mechanism. The DMA is just saying that members SHOULD (not MUST) use Email Authentication, in…

What Legal Framework for Online Identity?

• Comment posted Nov 10, 2005 9:22 pm PST — by Matthew Elvey
  I've spent a lot of time thinking about online identity.  David Chaum has written extensively, (and brilliantly) describing ways to provide irrefutable evidence of, e.g. citizenship or the right to drive, while preserving anonymity.  In my anti-spam work, authentication and…

The Problem With Wikis

• Comment posted Jan 04, 2006 8:48 pm PST — by Matthew Elvey
  IMO, most of the reasonable schemes for fighting email spam are equally applicable to fighting wikispam: - DNSBLs, e.g. URIBLs - Content-based filtering - Statistical filtering - Authentication and Reputation (A&R;) - Cost-Based systems, e.g. bonds - Heuristic filtering, e.g.…

How to Listen to the Individual Internet User

• Comment posted Jan 04, 2006 8:15 am PST — by Matthew Elvey
  ICANN has all the legitimacy of The Party in Orwell's '1984', for all the reasons Danny so eloquently expressed.  It spends large sums of money doing things contrary to public interest.  You are just beating your head against the wall…

Europe is to the US Controlled GPS as Europe is to the US Controlled DNS Root?

• Comment posted Dec 31, 2005 6:51 pm PST — by Matthew Elvey
  The GPS system was designed by and is controlled by the DoD and can be used by anyone, free of charge.  So the news reports I've heard, which claimed that Galileo would help the EU financially, make no sense.  It…

The Politics of Email Authentication, 2006 Edition

• Comment posted Jan 19, 2006 11:37 pm PST — by Matthew Elvey
  John: Great post. Yes, the reputation database piece is key.  I've been thinking about some ways to do reputation right, and in way that will make it feasible for large and small legitimate mail sources to maintain a good reputation. …

Why ICANN Nominating Committee Has Difficulty Finding Directors

• Comment posted May 30, 2006 7:22 am PDT — by Matthew Elvey
  Given ICANN's budget, it seems that even generous salaries and Notes for the Board and related staff would be expenses so small as to be immaterial.  ICANN can't agree to implement even basic honoraria or groupware tools (other than mailing…

Black Frog: Next Generation Botnet, No Generation Spam Fighting

• Comment posted May 30, 2006 6:54 am PDT — by Matthew Elvey
  Gadi, thanks for sharing your insights. I hope you won't take this the wrong way, and I know about some of the good anti-abuse work you do, but can you provide verifiable evidence of your claims, e.g. that Blue Security…

Phishing Moving to the Web Channel

• Comment posted Jul 23, 2006 9:18 pm PDT — by Matthew Elvey
  An anti-abuse system that assigns a reputation to a data source is likely to be usable for any kind of spam, not just email spam.  For example, blacklists and whitelists are are already widely used to combat wiki and blog…

OpenDNS: It's Not SiteFinder for Obvious Reasons

• Comment posted Jan 02, 2007 10:24 pm PST — by Matthew Elvey
  Mark, I think my point still stands: OpenDNS isn't making any commitments to do the right thing or anything at all, and there's a lot they could potentially get away with. Let me clarify my constructive criticism: I would like…

• Comment posted Jan 01, 2007 4:12 am PST — by Matthew Elvey
  I'd be up for proposing to switch my users to opendns if I had some assurances about what I was switching them to.  http://www.opendns.com/terms/ doesn't give me any, and doesn't give me the warm fuzzy feeling.  There's no date on…

Your Whois Search May Be Monitored by Third Parties

• Comment posted Jul 23, 2006 8:40 pm PDT — by Matthew Elvey
  It seems CNET has disabled it's domain name search feature.  The link is broken, and clicking on the Web hosting directories and tool: "Domain name search" that's currently here redirects to cnet's home page as well; other links on their…

Another Try at Proof-of-Work e-Postage Email

• Comment posted Aug 12, 2006 10:18 pm PDT — by Matthew Elvey
  Not only can Grandma still send email, as you've conceded, John, but existing improvements besides the one in this paper mean that her emails to her grandchildren don't require her PC to compute a hash. http://www.fussp.info/Topic21.html Bill: It's not clear…

• Comment posted Aug 02, 2006 8:12 pm PDT — by Matthew Elvey
  Finished the (not even half decently proofread) paper.  Grandma can still send mail!  Grandma's PC will just have to do a 6 min. POW to send each spam or other new-recipient email.

• Comment posted Aug 02, 2006 2:14 am PDT — by Matthew Elvey
  Good analysis, John.  Let's explore that 'spammers adapt' scenario a bit more.  While clearly it's not a perfect solution, that's an unreasonably high bar to set. Let's follow through and see what happens when spammers try to send from the…

Making DKIM More Useful with Domain Assurance Email

• Comment posted Aug 12, 2006 10:42 pm PDT — by Matthew Elvey
  Great job on VBR so far! 1)It would be nice to see it extended soon to include semantics for non-e-mail messages, such as IMs, wiki-edits, blog comments like this one, SMS, forum & USENET posts, VoIP, and could readily be…

Map of the Internet: The IPv4 Space of 2006

• Comment posted Dec 26, 2006 9:55 am PST — by Matthew Elvey
  3.0.0.0/8 was "sold" to GE?  Domains were once free; IPs were too, or is my memory fuzzy?

Web Server Botnets and Server Farms as Attack Platforms

• Comment posted Feb 15, 2007 11:36 pm PST — by Matthew Elvey
  Thanks for not sugar-coating things and updating us on the state of the art. Here's how I've dealt with two similar issues, as you asked: I had an unpleasant experience when a system I help manage was infected via a…

Registerfly Victims Are Really Stuck Now

• Comment posted Jul 26, 2007 12:15 am PDT — by Matthew Elvey
  Would a big judgment against ICANN be a deterrent against it screwing up again?  Not AFAICT.  No one would feel a significant negative impact.  It just means domain prices will go up.  There is no accountability.  So no one will…

Oklahoma Spammer Fighter Loses Even Worse

• Comment posted Jun 15, 2007 8:56 am PDT — by Matthew Elvey
  Yes, CAN SPAM act says that mailers have to provide a working opt-out process.  CAN SPAM does not say that recipients can't invent an opt-out process and demand that mailers use it.  It is silent on that topic.  IMO, Mummas…

• Comment posted Jun 12, 2007 7:32 pm PDT — by Matthew Elvey
  The best way I can answer that is to mention the mortgage spammer who insisted I'd opted into their spew and went so far as to provide me and their ISP with a piece of paper claiming I'd been to…

• Comment posted Jun 12, 2007 6:11 pm PDT — by Matthew Elvey
  Sorry, I misspoke when I said "If every biz in the US did what Cruise.com did, we’d all die of a thousand^4 cuts"; please strike that. I'd search my logs for spam from cruise.com, but I'm not sure what to…

• Comment posted Jun 12, 2007 5:57 pm PDT — by Matthew Elvey
  Except that he did file and unsubscribe request.  He pointed them to optoutbydomain.com.  Seems pretty obvious to me. From a technical standpoint, unsubscribing by doing this is an unsubscribe request for his email address that wouldn't be a problem for…

• Comment posted Jun 12, 2007 5:49 am PDT — by Matthew Elvey
  Sure, Mark Mumma was intemperate, but, well, in terms of right and wrong, I see things pretty clearly: Cruise.com sent Mumma UBE (i.e. spam).  Mumma unsubscribed.  Cruise.com refused to heed his unsubscribe request, and instead spammed him.  They did this…

Geographic Implications of DNS Infrastructure Distribution

• Comment posted May 04, 2007 9:11 pm PDT — by Matthew Elvey
  Great stuff, Steve.  Minor nit: .MIL and .US aren't hosted in their home country? Common sense and Page 18 of your paper seem to contradict that.

Vint Cerf Speaking Candidly as ICANN Chairmanship Ends

• Comment posted Jun 05, 2007 3:04 pm PDT — by Matthew Elvey
  Umm… you failed to post a working link.  Here they are: YouTube Google Video ICANN is supposed to look after the “security and stability” of the Internet… but they wouldn't even approve .mail.  And there are more domains with bogus…

Opt-In Permission for Mailing Lists: Is It Enough?

• Comment posted Jul 02, 2007 2:04 am PDT — by Matthew Elvey
  Every argument I've ever heard against COI boils down to 'we don't want to verify our lists'.  And I've heard that from bosses and customers, and I sympathize, but I've learned from being hard and soft about it.  Given spamhaus'…

• Comment posted Jun 28, 2007 1:45 am PDT — by Matthew Elvey
  Good point, Ale.  Expanding on that : Most people in the anti-spam space are still amazingly shortsighted.  There's as much mail getting past my filters as ever - the filters get better, and the spammers tactics advance.  But implementing short-sighted…

The Cold-War Fight Against Domaining Continues

• Comment posted Aug 11, 2007 10:17 pm PDT — by Matthew Elvey
  Sure seems like a Tulip craze to me - or worse: I'm wondering if there are a lot of SHAM domain name sales going on. I came across http://dnjournal.com/domainsales.htm this morning and looked at the websites hosted on the domains…

New Report Warns Against "DNS Forgery Pharming" on BIND 9

• Comment posted Jul 31, 2007 5:20 am PDT — by Matthew Elvey
  This issue makes me worry much more about the huge number of root certificates that ship with the major browsers and OSes.  Why do I need to have 50 root certificates?  Seems like it would be better to get rid…

P2P: Boon, Boondoggle, or Bandwidth Hog?

• Comment posted Aug 23, 2007 9:15 pm PDT — by Matthew Elvey
  P2P services are inherently scalable?  No, they're not, though they are much easier to provide cheaply in high volume, and many are scalable.  "Some early P2P implementations of Gnutella had scaling issues." - http://en.wikipedia.org/wiki/Scalability You're confabulating 'inexpensive' and 'scalable'. If…

Ameritrade Leaks User Information Yet Again, Blames Hacker X

• Comment posted Sep 25, 2007 12:04 am PDT — by Matthew Elvey
  "pump-n-dump spam to tagged email addresses ... given only to Ameritrade" was news in '05.  Yeah, I was just rereading a John Levine nanae post about spam traceable to Ameritrade which shows they knew about the problem in '05.  Ameritrade…

Take Down Order by California Court Raises Issues of Censorship and Free Speech

• Comment posted Feb 29, 2008 4:03 pm PST — by Matthew Elvey
  Just submitted to David Ulevitch's opendns.org:  Please make wikileaks.org work for your customers, and issue a press release about doing so! See New York Times article and/or http://88.80.13.160/wiki/Wikileaks David, I hope you'll see this and respond here with your thoughts.

On Comcast and Net Neutrality: Shouting Fire in a Theater

• Comment posted Mar 03, 2008 10:31 am PST — by Matthew Elvey
  Campbell, your post seems to have a fair bit of misinformation.  Here's one example quickly verifiable.  You say DSL is $40 + 20 / month.  Umm… AT&T;is selling dsl for $10/month (not including 20/month or so for the phone line). …

Apple Finally Patches DNS Flaw

• Comment posted Aug 06, 2008 5:14 am PDT — by Matthew Elvey
  Correction; when not on WiFi, my iPhone uses 209.183.54.151, AKA bthinetdns.mycingular.net, which doxpara says is OK.

• Comment posted Aug 05, 2008 7:09 pm PDT — by Matthew Elvey
  Not to mention that the iPhone includes BIND code and it hasn't been patched at all. (The "Legal" section includes bind license terms.) I haven't seen that mentioned anywhere.  At least the doxpara.com test says the name server my iPhone…