RE: [Asrg] Re: RMX evaluation / Paul Vixie's procedure

"Eric D. Williams" <eric@infobro.com> Tue, 13 May 2003 15:28 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA16717 for <asrg-archive@odin.ietf.org>; Tue, 13 May 2003 11:28:53 -0400 (EDT)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id h4DEsvd32604 for asrg-archive@odin.ietf.org; Tue, 13 May 2003 10:54:57 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4DEsvB32601 for <asrg-web-archive@optimus.ietf.org>; Tue, 13 May 2003 10:54:57 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA16701; Tue, 13 May 2003 11:28:23 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19FbjO-00050p-00; Tue, 13 May 2003 11:30:18 -0400
Received: from ietf.org ([132.151.1.19] helo=www1.ietf.org) by ietf-mx with esmtp (Exim 4.12) id 19FbjO-00050m-00; Tue, 13 May 2003 11:30:18 -0400
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4DEq8B32436; Tue, 13 May 2003 10:52:08 -0400
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4DEpOB32393 for <asrg@optimus.ietf.org>; Tue, 13 May 2003 10:51:24 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA16540 for <asrg@ietf.org>; Tue, 13 May 2003 11:24:49 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19Fbfx-0004xj-00 for asrg@ietf.org; Tue, 13 May 2003 11:26:45 -0400
Received: from black.infobro.com ([63.71.25.39] helo=infobro.com) by ietf-mx with smtp (Exim 4.12) id 19Fbfw-0004xR-00 for asrg@ietf.org; Tue, 13 May 2003 11:26:44 -0400
Received: from red (unverified [207.199.136.153]) by infobro.com (EMWAC SMTPRS 0.83) with SMTP id <B0002483229@infobro.com>; Tue, 13 May 2003 11:27:06 -0400
Received: by localhost with Microsoft MAPI; Tue, 13 May 2003 11:27:06 -0400
Message-ID: <01C31942.95A6FA30.eric@infobro.com>
From: "Eric D. Williams" <eric@infobro.com>
To: "'william@elan.net'" <william@elan.net>, Tom Thomson <tthomson@neosinteractive.com>
Cc: "asrg@ietf.org" <asrg@ietf.org>
Subject: RE: [Asrg] Re: RMX evaluation / Paul Vixie's procedure
Organization: Information Brokers, Inc.
X-Mailer: Microsoft Internet E-mail/MAPI - 8.0.0.4211
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/pipermail/asrg/>
Date: Tue, 13 May 2003 11:17:56 -0400
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit

It seems to me that validating a mailing list delivery the transaction would go 
something like:

mail from: thelistsoftware@domain.name
rcpt to: thelistrecipient@otherdomain.name

the from may very well say:

From: somelistposter@stillanotherdomain.name
To: thelist@domain.name, someotherposter@quitealongdomain.name
Cc: me@mydomain.name

[content]

Where RMX does its check (mail-from) the 'tests' would not fail, ie. the list 
software is valid for originating mail from thelistsoftware@domain.name.  I do 
see your point with further checks on the message content headers, but it does 
not appear that the RMX check (as currently proposed) would fail in that 
regard.  Further, if the list software were to deliver with the following 
envelope:

mail from: somelistposter@stillanotherdomain.name
rcpt to: thelistrecipient@otherdomain.name

The RMX check would fail appropriately, as the delivering system (the list 
system) is/would not be allowed to envelope a message using that information. 
 Where you state the MUA may do header re-writing to some effect e.g. adding a 
sender line for example Sender: somelistposter@stillanotherdomain.name.  That 
would be appropriate however, if the line were Sender: 
thelistsoftware@domain.name, while not inaccurate may lead to end-user 'issues' 
with determining an appropriate originator (though not an inaccurate 
originator).

It seems to me that is an implementation issue in two places, a) with the list 
software developer - "am I friendly to RMX capable MTAs" and b) the MUA 
developer - "does my MUA support header rewriting in a way friendly to list 
software"; there may be a third issue with MTA header re-writing (in the first 
case), but IMHO that is not an MUA issue except where it intersects with 
end-user/UI usability (read expected behavior) issues.  Also, I don't think RMX 
considers (in-depth) header rewriting because the FSM of RMX is not involved 
directly in that process.

-e

On Tuesday, May 13, 2003 5:49 AM, william@elan.net [SMTP:william@elan.net] 
wrote:
> You'v already answered your own question. The client/end-user mail reader
> is adding "Sender:" header to the email, that is not a proper behavior,
> the sender should be added by sending MUA or MTA. ...
8<...>8
> The problem is that if you were using "From:" header for RMX validation
> you would as in example below see "william@elan.net" but actual message
> came from "ietf.org" server and so the mail would not be validated and
> would fail RMX. Using "Sender:" headeris also not possible since "Sender:"
> could have been set by by MUA (mine is configured not to do that) and then
> there are different maillist programs and majority will actually not set
> "Sender" or will not reset it to themselve if header already exists
> (some will add 2nd "Sender:" header, but this is rare and considered a bug,
> though I think RFC2828 does not explicitly forbid this), so again it fails
> with mail lists. This leaves MAIL FROM to be used for RMX validation and
> this is what all current RMX-like drafts propose. But as you quite well
> illustrated the MAIL FROM is not even seen by end-users and it means
> spammer can use one domain for MAIL-FROM (which would random domain
> without any RMX record) and use another domain for "From:" and most users
> will still consider email as having come from the listed "From:" address.
> And as for the "Sender:" header, spammers quite often set that as well.
>
> On Tue, 13 May 2003, Tom Thomson wrote:
>
> > william@elan.net wrote on 09 May 2003 at 06:06
...
> > I've appended below the email headers that Outlook reports for the message
> > to which I am replying.  If you think any of these is not correct (ie
> > Outloook has got it wrong) please let me know and I'll take it up with M$.
> > If you don't think any of it is wrong, perhaps you'll not make silly
> > accusations about Outlook in future.
...
> > Received: from www1.ietf.org ([132.151.1.19]) by mail.neosinteractive.com
> > with Microsoft SMTPSVC(5.0.2195.5329);
> > 	 Fri, 9 May 2003 13:29:26 +0100
> > Received: from www1.ietf.org (localhost.localdomain [127.0.0.1])
> > 	by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4982I811640;
> > 	Fri, 9 May 2003 04:02:18 -0400
> > Received: from ietf.org (odin.ietf.org [132.151.1.176])
> > 	by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h497xr811361
> > 	for <asrg@optimus.ietf.org>; Fri, 9 May 2003 03:59:53 -0400
> > Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1])
> > 	by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA08152
> > 	for <asrg@ietf.org>; Fri, 9 May 2003 03:49:32 -0400 (EDT)
> > From: william@elan.net
> > Received: from ietf-mx ([132.151.6.1])
> > 	by ietf-mx with esmtp (Exim 4.12)
> > 	id 19E2fG-0002N4-00
> > 	for asrg@ietf.org; Fri, 09 May 2003 03:51:34 -0400
> > Received: from sokol.elan.net ([216.151.192.200])
> > 	by ietf-mx with esmtp (Exim 4.12)
> > 	id 19E2fF-0002N1-00
> > 	for asrg@ietf.org; Fri, 09 May 2003 03:51:33 -0400
> > Received: from sokol.elan.net (localhost.localdomain [127.0.0.1])
> > 	by sokol.elan.net (8.12.5/8.12.5) with ESMTP id h495627W017107
> > 	for <asrg@ietf.org>; Thu, 8 May 2003 22:06:02 -0700
> > Received: from localhost (william@localhost)
> > 	by sokol.elan.net (8.12.5/8.12.5/Submit) with ESMTP id h49562ML017103
> > 	for <asrg@ietf.org>; Thu, 8 May 2003 22:06:02 -0700
> > X-Authentication-Warning: sokol.elan.net: william owned process doing -bs
> > To: asrg@ietf.org
> > Subject: Re: [Asrg] Re: RMX evaluation / Paul Vixie's procedure
> > In-Reply-To: <200305090131.33356@grx>
> > Message-ID: <Pine.LNX.4.44.0305082050400.1089-100000@sokol.elan.net>
> > MIME-Version: 1.0
> > Content-Type: TEXT/PLAIN; charset=US-ASCII
> > Sender: asrg-admin@ietf.org
> > Errors-To: asrg-admin@ietf.org
> > X-BeenThere: asrg@ietf.org
> > X-Mailman-Version: 2.0.12
> > Precedence: bulk
> > List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,
> > 	<mailto:asrg-request@ietf.org?subject=unsubscribe>
> > List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
> > List-Post: <mailto:asrg@ietf.org>
> > List-Help: <mailto:asrg-request@ietf.org?subject=help>
> > List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,
> > 	<mailto:asrg-request@ietf.org?subject=subscribe>
> > List-Archive: <https://www1.ietf.org/pipermail/asrg/>
> > Date: Thu, 8 May 2003 22:06:02 -0700 (PDT)
> > Return-Path: asrg-admin@ietf.org
> > X-OriginalArrivalTime: 09 May 2003 12:29:26.0747 (UTC)
> > FILETIME=[A15052B0:01C31626]
>
> _______________________________________________
> Asrg mailing list
> Asrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg