Groups | Search | Server Info | Login | Register

Groups > comp.mail.uucp > #94

Re: pathalias program

From Grant Taylor <gtaylor@tnetconsulting.net>
Newsgroups comp.mail.uucp
Subject Re: pathalias program
Date 2019-09-04 11:01 -0600
Organization TNet Consulting
Message-ID <qkoqk1$6d4$1@tncsrv09.home.tnetconsulting.net> (permalink)
References <0648b954-455c-4efb-bed6-3b0746ddd062@googlegroups.com> <45647e5d-1548-4df3-96bc-18f792f75fae@googlegroups.com> <a66ad127-88da-42e5-a93b-08a792ae0653@googlegroups.com> <qkjf9m$738$1@tncsrv09.home.tnetconsulting.net> <156755729340.21828.9480217581670103312@pacman.vsta.org>

Show all headers | View raw

On 9/3/19 6:34 PM, Andy Valencia wrote:
> It'd nice if your peers were known quantities.

I'll agree that it would be /nice/ to know things about peers.  But I 
don't think that's a /requirement/.

I think it largely depends if you view your peers as terminal (B2B type) 
connections, or transit.

> The whole "hey, anybody, drop mail in port 25" thing has turned out 
> pretty ugly.

Yep.

> If each node vets its connections,

What does "vet" mean to you in this context?  Are you relaying 
everything / anything to and / or from a peer?  Does this include things 
that they relay for other peers?  Are you selectively relaying known 
addresses to avoid Joe Jobs?  What?

I would think that most entities would have a UUCP gateway, be it theirs 
or outsourced, and that said gateway would be able to establish direct 
connections with other UUCP systems.  Such a UUCP gateway would 
inherently be configured to (selectively) relay as part of it's gateway 
role.

I'm having trouble understanding why / how many entities would need 
multi-hop UUCP paths that can't form a direct connection.  Think 
external bastion hosts / gateways for organizations.  I get why things 
behind such gateways would need to pass through it and couldn't 
establish direct inbound (or possibly outbound) connections.

I can also see why organizations might not want the hosts behind such 
gateways to be public knowledge.  —  There's no point in advertising 
something publicly if the public doesn't need the information. 
Especially when you can give the information to the peers that need it.

> and if you had some crypto signing so paths can't be spoofed, seems 
> like you could push back on some systemic misbehaviors.

That sounds like you're fundamentally altering how various UUCP 
implementations operate.

I would think that a modern UUCP path would be relatively short.

hostA1\                            /hostB1
hostA2-gatewayA-(internet)-gatewayB-hostB2
hostA3/                            \hostB3

As such, I'd think that gatewayA and gatewayB could relatively easily 
configure filtering of what hosts they will allow inbound and / or 
outbound relaying for.

Admittedly, it's been a few years since I looked at the filtering syntax 
of Taylor UUCP (no known relation) to say for sure, but I *REALLY* 
thought that it was possible to do such filtering.  …  Skimming the 
documentation, it looks like forward-to and forward-from in the sys file 
are what I'm talking about.  I'd have to play with things to learn what 
the fan-out is and how it relates to the connecting host vs further away 
hosts passing through said host.

I feel like gatewayA and gatewayB can judiciously configure their UUCP 
such that it would be nearly impossible for spoofing.  E.g. gatewayA 
trusts that gatewayB has properly configures things such that gatewayB 
will only forward from hostB1–hostB3 and that each of those hosts is not 
doing any forwarding of their own.  And vice versa.



-- 
Grant. . . .
unix || die

Back to comp.mail.uucp | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

pathalias program Radim Kolář <kolar.radim@gmail.com> - 2019-08-24 11:36 -0700
  Re: pathalias program Grant Taylor <gtaylor@tnetconsulting.net> - 2019-08-27 15:54 -0600
    Re: pathalias program Radim Kolář <kolar.radim@gmail.com> - 2019-08-27 22:33 -0700
    Re: pathalias program bje@ripco.com - 2019-08-28 11:42 +0000
      Re: pathalias program Grant Taylor <gtaylor@tnetconsulting.net> - 2019-08-28 20:25 -0600
  Re: pathalias program Radim Kolář <kolar.radim@gmail.com> - 2019-08-31 23:40 -0700
    Re: pathalias program Grant Taylor <gtaylor@tnetconsulting.net> - 2019-09-02 10:18 -0600
      Re: pathalias program Radim Kolář <kolar.radim@gmail.com> - 2019-09-03 11:54 -0700
        Re: pathalias program Grant Taylor <gtaylor@tnetconsulting.net> - 2019-09-04 08:58 -0600
      Re: pathalias program Andy Valencia <vandys@vsta.org> - 2019-09-03 17:34 -0700
        Re: pathalias program Grant Taylor <gtaylor@tnetconsulting.net> - 2019-09-04 11:01 -0600
        Re: pathalias program Andy Valencia <vandys@vsta.org> - 2019-09-05 11:38 -0700

csiph-web