Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certified Server Validation (CSV) “ An MTA is talking to me directly. Are they OK?” D. Crocker Brandenburg InternetWorking mipassoc.org/csv 10/8/2015 6:36.

Published byJulianna Mills Modified over 8 years ago

Similar presentations

Presentation on theme: "Certified Server Validation (CSV) “ An MTA is talking to me directly. Are they OK?” D. Crocker Brandenburg InternetWorking mipassoc.org/csv 10/8/2015 6:36."— Presentation transcript:

1 Certified Server Validation (CSV) “ An MTA is talking to me directly. Are they OK?” D. Crocker Brandenburg InternetWorking mipassoc.org/csv 10/8/2015 6:36 AM D. Crocker Brandenburg InternetWorking mipassoc.org/csv 10/8/2015 6:36 AM MIPA

2 2 2 D. CrockerIntroduction to CSV Email Security Functions Assess the safety of an agent TermFunctionIdentification Who does this purport to be? Authentication Is it really them? Authorization What are they allowed to do? Accreditation Is the entity giving them that permission itself recommended?

3 3 3 MIPA D. CrockerIntroduction to CSV Choosing Who to Make Accountable Who Source of Identity ID Type Proposal Neighbor Site IP layerIP network Neighbor MTA IP layerIP Neighbor Admin SMTP EHLO DomainCSV Intermediary MTA Received headerDomain Submitter Envelope bounce address Email/Domain SPF, BATV Submitter Content senderEmail/Domain Sender-ID, DomainKeys Author Content authorEmail/DomainIIM

4 4 4 MIPA D. CrockerIntroduction to CSV Email Path(s) Can Be Complicated MUAMSA MTA MTA MDA MUA MTA MTA MTA MTA MTA MTA MTA MTA MDA MUA Mail Agents MUA = User MSA = Submission MTA= Transfer MDA= Delivery

5 5 5 MIPA D. CrockerIntroduction to CSV Path Registration Schemes Source assesses MTAs along the path MUA MSA MTA 1 MDA MUA MTA 3 MTA 2 Now do this for every recipient! Is MSA ok? Is MTA 1 ok? Is MTA 2 ok? Is MTA 3 ok? MSA Admin MSA MTA 1 MTA 2 MTA 3 MSA Admin MSA MTA 1 MTA 2 MTA 3 MSA admin registers authorized MTAs DNS

6 6 6 MIPA D. CrockerIntroduction to CSV Certified Server Validation Local operator authorizes their own MTA MUA MSA MTA 1 MDA MUA MTA 3 MTA 2 MTA 1 OK? MTA 3 OK? MTA 2 OK? MSA OK? MSA Admin MSA MTA 1 Admin MTA 1 MTA 2 Admin MTA 2 MTA 3 Admin MTA 3 Register DNS

7 7 7 MIPA D. CrockerIntroduction to CSV CSV In Operation FunctionFunctionsIdentification SMTP neighbor sends HELO domain-name Authentication HELO name in DNS lists MTA's IP address? Authorization HELO name in DNS authorizes MTA to send email? Accreditation 1) HELO name in DNS may list accreditors 2) Accreditors may list recommendation of HELO name in DNS

8 8 8 MIPA D. CrockerIntroduction to CSV To follow-up…  Mailing list http://mipassoc.org/mailman/listinfo/ietf-clear  CSV specificationshttp://ietf.org/internet-drafts/… draft-ietf-marid-csv-intro-01  Client SMTP Validation (CSV) draft-ietf-marid-csv-intro-01 draft-ietf-marid-csv-csa-01  Client SMTP Authorization (CSA) draft-ietf-marid-csv-csa-01 draft-ietf-marid-csv-dna-01  Domain Name Accreditation (DNA) draft-ietf-marid-csv-dna-01  Internet mail architecture  draft-crocker-email-arch-01.txt  Mailing list http://mipassoc.org/mailman/listinfo/ietf-clear  CSV specificationshttp://ietf.org/internet-drafts/… draft-ietf-marid-csv-intro-01  Client SMTP Validation (CSV) draft-ietf-marid-csv-intro-01 draft-ietf-marid-csv-csa-01  Client SMTP Authorization (CSA) draft-ietf-marid-csv-csa-01 draft-ietf-marid-csv-dna-01  Domain Name Accreditation (DNA) draft-ietf-marid-csv-dna-01  Internet mail architecture  draft-crocker-email-arch-01.txt

Download ppt "Certified Server Validation (CSV) “ An MTA is talking to me directly. Are they OK?” D. Crocker Brandenburg InternetWorking mipassoc.org/csv 10/8/2015 6:36."

Similar presentations

Introduction to the Anti-Spam Research Group (ASRG) Presented by Yakov Shafranovich, ASRG Co-chair NIST Spam Technology Workshop Gaithersburg, Maryland,

Introduction to the Anti-Spam Research Group (ASRG) Presented by Yakov Shafranovich, ASRG Co-chair NIST Spam Technology Workshop Gaithersburg, Maryland,
Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.

Draft-lemonade-imap-submit-01.txt “Forward without Download” Allow IMAP client to include previously- received message (or parts) in or as new message.
How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.

How Will Authentication Reduce Global Spam? OECD Anti-Spam Task Force Pusan – September, 2004 Dave Crocker Brandenburg InternetWorking OECD Anti-Spam Task.
Email Protocols and Troubleshooting Brandon Checketts.

Protocols and Troubleshooting Brandon Checketts.
© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Sender ID Bill Pease, Chief Scientist Convio.
D. CrockerIntroduction to BATV 1 MIPA Bounce Address Tag Validation (BATV) “Was use of the bounce address authorized?” D. Crocker Brandenburg InternetWorking.

D. CrockerIntroduction to BATV 1 MIPA Bounce Address Tag Validation (BATV) “Was use of the bounce address authorized?” D. Crocker Brandenburg InternetWorking.
Sender ID Drafts Jim Lyon Microsoft Corporation 4 August 2004.

Sender ID Drafts Jim Lyon Microsoft Corporation 4 August 2004.
INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)

INTRANET MAIL SERVER (DESIGN OF SMTP and POP3)
System Aspects of Spam Control Architecture and Operations Issues IBM Academy 6 Apr 2005 Dave Crocker Brandenburg InternetWorking IBM.

System Aspects of Spam Control Architecture and Operations Issues IBM Academy 6 Apr 2005 Dave Crocker Brandenburg InternetWorking IBM.
The Application Layer Chapter 7. Where are we now?

The Application Layer Chapter 7. Where are we now?
1 Dr. David MacQuigg Research Associate Autonomic Computing Laboratory Autonomic Trust System – Verify Identity and Assess Reputation University of Arizona.

1 Dr. David MacQuigg Research Associate Autonomic Computing Laboratory Autonomic Trust System – Verify Identity and Assess Reputation University of Arizona.
1 Dr. David MacQuigg Research Associate Autonomic Computing Laboratory Email System – The most important application of computer networks University of.

1 Dr. David MacQuigg Research Associate Autonomic Computing Laboratory System – The most important application of computer networks University of.
Exchange server 2003. Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.

Exchange server Mail system Four components Mail user agent (MUA) to read and compose mail Mail transport agent (MTA) route messages Delivery agent.
1 Dr. David MacQuigg, President Open-mail.org Registry of Public Email Senders™ –A Secure DNS Database University of Arizona ECE 596c – Cyber Security.

1 Dr. David MacQuigg, President Open-mail.org Registry of Public Senders™ –A Secure DNS Database University of Arizona ECE 596c – Cyber Security.
Office 365 SMTP Relay June 2013. Relay Method Send to rcpts in domain Relay to Internet via O365 Configuration Requirements Requires Authentication.

Office 365 SMTP Relay June Relay Method Send to rcpts in domain Relay to Internet via O365 Configuration Requirements Requires Authentication.
1 Information Systems 7/1/03 Tom Coppeto MIT Mail System Security Issues 1 July 2003.

1 Information Systems 7/1/03 Tom Coppeto MIT Mail System Security Issues 1 July 2003.
SMTP Simple Mail Transfer Protocol. Content I.What is SMTP? II.History of SMTP III.General Features IV.SMTP Commands V.SMTP Replies VI.A typical SMTP.

SMTP Simple Mail Transfer Protocol. Content I.What is SMTP? II.History of SMTP III.General Features IV.SMTP Commands V.SMTP Replies VI.A typical SMTP.
Electronic Mail: SMTP, POP, and IMAP

Electronic Mail: SMTP, POP, and IMAP
DomainKeys Identified Mail (DKIM) D. Crocker Brandenburg InternetWorking mipassoc.org/mass  Derived from Yahoo DomainKeys and Cisco.

DomainKeys Identified Mail (DKIM) D. Crocker Brandenburg InternetWorking mipassoc.org/mass  Derived from Yahoo DomainKeys and Cisco.
Lecturer : Ms.Trần Thị Ngọc Hoa Chapter 8 File Transfer Protocol – Simple Mail Transfer Protocol.

Lecturer : Ms.Trần Thị Ngọc Hoa Chapter 8 File Transfer Protocol – Simple Mail Transfer Protocol.

Similar presentations

Ads by Google