IETF Logo Mail Archive

Re: [Asrg] RMX and MUAs

Hadmut Danisch <hadmut@danisch.de> Wed, 07 May 2003 08:27 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA20656 for <asrg-archive@odin.ietf.org>; Wed, 7 May 2003 04:27:04 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h478ZwA24880 for asrg-archive@odin.ietf.org; Wed, 7 May 2003 04:35:58 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h478Zw824877 for <asrg-web-archive@optimus.ietf.org>; Wed, 7 May 2003 04:35:58 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA20608; Wed, 7 May 2003 04:26:34 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19DKI4-0006VX-00; Wed, 07 May 2003 04:28:40 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19DKI3-0006VU-00; Wed, 07 May 2003 04:28:39 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h478YD824738; Wed, 7 May 2003 04:34:13 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h478Lg823965 for <asrg@optimus.ietf.org>; Wed, 7 May 2003 04:21:42 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA20225 for <asrg@ietf.org>; Wed, 7 May 2003 04:12:18 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19DK4F-0006Od-00 for asrg@ietf.org; Wed, 07 May 2003 04:14:23 -0400
Received: from sklave3.rackland.de ([213.133.101.23]) by ietf-mx with esmtp (Exim 4.12) id 19DK4E-0006Oa-00 for asrg@ietf.org; Wed, 07 May 2003 04:14:22 -0400
Received: from sodom (uucp@localhost) by sklave3.rackland.de (8.12.9/8.12.9/Debian-1) with BSMTP id h478F5hT001371; Wed, 7 May 2003 10:15:05 +0200
Received: (from hadmut@localhost) by sodom.home.danisch.de (8.12.9/8.12.9/Debian-1) id h478C6bq002844; Wed, 7 May 2003 10:12:06 +0200
From: Hadmut Danisch <hadmut@danisch.de>
To: Daniel Erat <dan@erat.org>
Cc: asrg@ietf.org
Subject: Re: [Asrg] RMX and MUAs
Message-ID: <20030507081205.GC1597@danisch.de>
References: <20030507052628.GA2718@bok.har>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20030507052628.GA2718@bok.har>
User-Agent: Mutt/1.4i
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Wed, 07 May 2003 10:12:05 +0200

On Tue, May 06, 2003 at 10:26:28PM -0700, Daniel Erat wrote:

> If RMX use becomes widespread, spammers will likely avoid rejections
> by adding RMX records for their own domains, using empty MAIL FROM
> addresses, and using forged MAIL FROM addresses belonging to domains
> that have not added RMX records.  I see nothing to prevent spammers
> from continuing to use forged RFC 822 From: addresses, though.


This is indeed an important point (which I addressed in my draft).

The empty envelope sender address is a severe problem which 
could be abused by spammers, no doubt. This is broken by design
and not easy to fix. However, these mails are limited to a certain
class of error messages. There are other ways to cope with it,
e.g. could they be required to have a reply-to header to a 
message-id of a former message recently delivered. Or need to 
have a subject of an error message. But I do agree that this 
empty sender address is a design flaw (of SMTP).

Another problem is that MUAs do display the From: address only.
This is not a severe problem, since the RMX does not require
user interaction. RMX works without needing the MUA to display
the envelope sender address.

There are two reasons why my draft didn't cover the From: address:

- The receiving MTA simply doesn't know it before receiving the
  full message body. RMX was designed to be effective in a very
  early state of message transmission, i.e. after MAIL FROM

- The semantic of the From: header line is not very clear, especially
  in context of forwarding, mailing lists and "message bouncing".

  Take this particular message you are reading right now (you
  get it twice, take the version that came from the mailing list processor)
  It comes from the ASRG mailing list, so it has an envelope sender
  address from ietf.org. That's what is used to be verified by RMX.

  But the From: header line says hadmut@danisch.de, because that's
  the message's content. The sender of the message is ietf.org, and
  it says the author of the body is hadmut@danisch.de. 

  It is this subtile difference in semantic that makes it difficult
  to use the From: header line for authentication. 

  If you want to have transfer authenticity, you need to use
  the transfer address (e.g. RMX)

  If you want to have content related authenticity, you need to 
  use the body address (e.g. with PGP or S/MIME). This does provide
  a very high level of security, but it is unrealistic to believe
  that we could get this deployed world wide.


Hadmut




_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

v2.23.0 | Report a Bug | By Email