[messaging] Google End-to-End plans on using key directories with a CT-like verification protocol
Moxie Marlinspike
moxie at thoughtcrime.org
Thu Aug 28 13:24:15 PDT 2014
On 08/28/2014 01:08 PM, Mike Hearn wrote:
> 3) It creates a potential SPAM problem.
>
>
> Just re: the spam issues in general (I used to work on the Gmail spam
> team), most spam is filtered based on two pieces of metadata:
>
> 1) Origin IP reputations
> 2) Link url domain reputations
>
> This gets you to perhaps 90%+ coverage immediately. There are many other
> message features used to filter spam, but those two do the overwhelming
> majority of the work. Comparatively little spam is filtered based on raw
> text analysis.
Sorry I wasn't more clear. I was referring to the fact that the
directory would be openly publishing a list of everyone's email
addresses. Even if you hash them, they're pretty trivially invertible.
I don't know much about the state of the art of spam filtering these
days, so it might be that this isn't a problem, but it doesn't seem great.
- moxie
--
http://www.thoughtcrime.org
More information about the Messaging
mailing list