Certified Server Validation (CSV) “An MTA is talking to me directly. Are they OK?” D. Crocker Brandenburg InternetWorking mipassoc.org/csv 10/8/2015 6:36.

Presentation transcript:

Slide 1: Certified Server Validation (CSV)
“An MTA is talking to me directly. Are they OK?”
D. Crocker, Brandenburg InternetWorking, mipassoc.org/csv, 10/8/2015 6:36 AM, MIPA

Slide 2 (D. Crocker, Introduction to CSV): Security Functions
Assess the safety of an agent

| Term | Function |
| Identification | Who does this purport to be? |
| Authentication | Is it really them? |
| Authorization | What are they allowed to do? |
| Accreditation | Is the entity giving them that permission itself recommended? |

Slide 3: Choosing Who to Make Accountable

| Who | Source of Identity | ID Type | Proposal |
| Neighbor Site | IP layer | IP network | |
| Neighbor MTA | IP layer | IP | |
| Neighbor Admin | SMTP EHLO | Domain | CSV |
| Intermediary MTA | Received header | Domain | |
| Submitter | Envelope bounce address | /Domain | SPF, BATV |
| Submitter | Content sender | /Domain | Sender-ID, DomainKeys |
| Author | Content author | /Domain | IIM |

Slide 4: Path(s) Can Be Complicated
[Diagram: several mail paths built from MUA, MSA, MTA and MDA nodes, with many MTAs in between]
Mail Agents: MUA = User, MSA = Submission, MTA = Transfer, MDA = Delivery

Slide 5: Path Registration Schemes
Source assesses MTAs along the path
[Diagram: mail path through MUA, MSA, MTA 1, MTA 2, MTA 3, MDA, MUA, with a DNS entry for MSA Admin listing MSA, MTA 1, MTA 2, MTA 3]
MSA admin registers authorized MTAs
Is MSA ok? Is MTA 1 ok? Is MTA 2 ok? Is MTA 3 ok?
Now do this for every recipient!

Slide 6: Certified Server Validation
Local operator authorizes their own MTA
[Diagram: mail path through MUA, MSA, MTA 1, MTA 2, MTA 3, MDA, MUA, with DNS entries labelled "Register": MSA Admin: MSA; MTA 1 Admin: MTA 1; MTA 2 Admin: MTA 2; MTA 3 Admin: MTA 3]
MSA OK? MTA 1 OK? MTA 2 OK? MTA 3 OK?

Slide 7: CSV In Operation

| Function | Functions |
| Identification | SMTP neighbor sends HELO domain-name |
| Authentication | HELO name in DNS lists MTA's IP address? |
| Authorization | HELO name in DNS authorizes MTA to send ? |
| Accreditation | 1) HELO name in DNS may list accreditors 2) Accreditors may list recommendation of HELO name in DNS |
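The four checks on this slide, walked through as a receiver-side decision. This is an added example, not code from the slides or the CSV drafts. The in-memory `ZONE` and `ACCREDITORS` tables, their field names and the result strings are hypothetical stand-ins for DNS lookups, and the example assumes the receiver honours only accreditors it has chosen to trust.

```python
import ipaddress

# Constructed sample data. Field names are hypothetical and are NOT the
# record format of the CSA/DNA drafts; they model only what the slide
# says the HELO name's DNS entry provides.
ZONE = {
    "mta1.example.org": {"addresses": {"192.0.2.10"}, "authorized": True,
                         "accreditors": ["accredit.example.net"]},
    "web.example.org": {"addresses": {"192.0.2.20"}, "authorized": False,
                        "accreditors": []},
    "mta.example.com": {"addresses": {"198.51.100.5"}, "authorized": True,
                        "accreditors": []},
}
# Constructed accreditor listings: accreditor -> names it recommends.
ACCREDITORS = {"accredit.example.net": {"mta1.example.org"}}
# Local policy (assumption): accreditors this receiver is willing to believe.
TRUSTED = {"accredit.example.net"}


def csv_check(helo_name, client_ip, zone=ZONE, accreditors=ACCREDITORS,
              trusted=TRUSTED):
    """Classify an SMTP neighbor from its HELO name and connecting IP."""
    # Identification: the name the neighbor sent in HELO/EHLO.
    name = helo_name.rstrip(".").lower()
    ip = str(ipaddress.ip_address(client_ip))  # raises on malformed input
    record = zone.get(name)
    if record is None:
        return "unknown"
    # Authentication: does the HELO name's entry list the connecting IP?
    if ip not in record["addresses"]:
        return "authentication-failed"
    # Authorization: does the domain say this host may act as an MTA?
    if not record["authorized"]:
        return "not-authorized"
    # Accreditation: the domain lists accreditors, and an accreditor the
    # receiver trusts must itself recommend the HELO name.
    for acc in record["accreditors"]:
        if acc in trusted and name in accreditors.get(acc, set()):
            return "authorized-accredited"
    return "authorized-unaccredited"


if __name__ == "__main__":
    for helo, ip in [("mta1.example.org", "192.0.2.10"),
                     ("mta1.example.org", "203.0.113.9"),
                     ("web.example.org", "192.0.2.20")]:
        print(helo, ip, csv_check(helo, ip))
```

The second sample call is the case the authentication step exists for: a host at another address borrowing a registered HELO name is rejected before authorization or accreditation is consulted.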

Slide 8: To follow-up…
- Mailing list
- CSV specifications: http://ietf.org/internet-drafts/…
  - Client SMTP Validation (CSV): draft-ietf-marid-csv-intro-01
  - Client SMTP Authorization (CSA): draft-ietf-marid-csv-csa-01
  - Domain Name Accreditation (DNA): draft-ietf-marid-csv-dna-01
- Internet mail architecture: draft-crocker- -arch-01.txt