Re: [Asrg] RMX and MUAs
Hadmut Danisch <hadmut@danisch.de> Wed, 07 May 2003 08:27 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA20656 for <asrg-archive@odin.ietf.org>; Wed, 7 May 2003 04:27:04 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h478ZwA24880 for asrg-archive@odin.ietf.org; Wed, 7 May 2003 04:35:58 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h478Zw824877 for <asrg-web-archive@optimus.ietf.org>; Wed, 7 May 2003 04:35:58 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA20608; Wed, 7 May 2003 04:26:34 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19DKI4-0006VX-00; Wed, 07 May 2003 04:28:40 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19DKI3-0006VU-00; Wed, 07 May 2003 04:28:39 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h478YD824738; Wed, 7 May 2003 04:34:13 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h478Lg823965 for <asrg@optimus.ietf.org>; Wed, 7 May 2003 04:21:42 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA20225 for <asrg@ietf.org>; Wed, 7 May 2003 04:12:18 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19DK4F-0006Od-00 for asrg@ietf.org; Wed, 07 May 2003 04:14:23 -0400
Received: from sklave3.rackland.de ([213.133.101.23]) by ietf-mx with esmtp (Exim 4.12) id 19DK4E-0006Oa-00 for asrg@ietf.org; Wed, 07 May 2003 04:14:22 -0400
Received: from sodom (uucp@localhost) by sklave3.rackland.de (8.12.9/8.12.9/Debian-1) with BSMTP id h478F5hT001371; Wed, 7 May 2003 10:15:05 +0200
Received: (from hadmut@localhost) by sodom.home.danisch.de (8.12.9/8.12.9/Debian-1) id h478C6bq002844; Wed, 7 May 2003 10:12:06 +0200
From: Hadmut Danisch <hadmut@danisch.de>
To: Daniel Erat <dan@erat.org>
Cc: asrg@ietf.org
Subject: Re: [Asrg] RMX and MUAs
Message-ID: <20030507081205.GC1597@danisch.de>
References: <20030507052628.GA2718@bok.har>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20030507052628.GA2718@bok.har>
User-Agent: Mutt/1.4i
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 07 May 2003 10:12:05 +0200
On Tue, May 06, 2003 at 10:26:28PM -0700, Daniel Erat wrote: > If RMX use becomes widespread, spammers will likely avoid rejections > by adding RMX records for their own domains, using empty MAIL FROM > addresses, and using forged MAIL FROM addresses belonging to domains > that have not added RMX records. I see nothing to prevent spammers > from continuing to use forged RFC 822 From: addresses, though. This is indeed an important point (which I addressed in my draft). The empty envelope sender address is a severe problem which could be abused by spammers, no doubt. This is broken by design and not easy to fix. However, these mails are limited to a certain class of error messages. There are other ways to cope with it, e.g. could they be required to have a reply-to header to a message-id of a former message recently delivered. Or need to have a subject of an error message. But I do agree that this empty sender address is a design flaw (of SMTP). Another problem is that MUAs do display the From: address only. This is not a severe problem, since the RMX does not require user interaction. RMX works without needing the MUA to display the envelope sender address. There are two reasons why my draft didn't cover the From: address: - The receiving MTA simply doesn't know it before receiving the full message body. RMX was designed to be effective in a very early state of message transmission, i.e. after MAIL FROM - The semantic of the From: header line is not very clear, especially in context of forwarding, mailing lists and "message bouncing". Take this particular message you are reading right now (you get it twice, take the version that came from the mailing list processor) It comes from the ASRG mailing list, so it has an envelope sender address from ietf.org. That's what is used to be verified by RMX. But the From: header line says hadmut@danisch.de, because that's the message's content. The sender of the message is ietf.org, and it says the author of the body is hadmut@danisch.de. It is this subtile difference in semantic that makes it difficult to use the From: header line for authentication. If you want to have transfer authenticity, you need to use the transfer address (e.g. RMX) If you want to have content related authenticity, you need to use the body address (e.g. with PGP or S/MIME). This does provide a very high level of security, but it is unrealistic to believe that we could get this deployed world wide. Hadmut _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- [Asrg] RMX and MUAs Daniel Erat
- RE: [Asrg] RMX and MUAs Eric D. Williams
- Re: [Asrg] RMX and MUAs Hadmut Danisch
- Re: [Asrg] RMX and MUAs Daniel Erat
- Re: [Asrg] RMX and MUAs Hadmut Danisch
- Re: [Asrg] RMX and MUAs Michael Rubel