Re: [Bimi] Thoughts about MUA/BIMI
Todd Herr <todd.herr@valimail.com> Thu, 11 August 2022 14:38 UTC
References: <MN2PR11MB435138DB4A7161A506B8CD25F7649@MN2PR11MB4351.namprd11.prod.outlook.com>
In-Reply-To: <MN2PR11MB435138DB4A7161A506B8CD25F7649@MN2PR11MB4351.namprd11.prod.outlook.com>
From: Todd Herr <todd.herr@valimail.com>
Date: Thu, 11 Aug 2022 10:38:11 -0400
Message-ID: <CAHej_8=dJBgSqKaFuOoOs4mqwKUEHdwVthTn0CRx+=1O5gm2iQ@mail.gmail.com>
To: "BIMI (IETF) (bimi@ietf.org)" <bimi@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/3F5RLA36O29Ec9m1utmSLMgmziA>

On Thu, Aug 11, 2022 at 10:21 AM Brotman, Alex <Alex_Brotman=40comcast.com@dmarc.ietf.org> wrote:

> In thinking more about the MUA proposal, we are trying to find a solution
> for the case where an unaffiliated[1] MUA would like to be able to either
> independently validate message authentication details (to support DMARC),
> or rely upon the validation process from the MBP.
>
> [snip]

I've got a long-standing bias toward the idea that the only authentication/validation results that matter are the ones that were arrived at when the message was written to the mailbox, because results can be different upon subsequent checks, mainly due to potential differences in the resolvability and content of the various DNS records retrieved during the validation processes.

In this case, my bias would argue for the unaffiliated MUA to do no validation, and instead rely on signals inserted in the message by the MBP at the time of delivery. I recognize, however, that this method is fraught with peril, specifically due to the possibility of forged headers inserted by abusers and ignored by MBPs that are not BIMI-aware.

I also recognize that the idea of results changing due to new information being available is not always a bad thing, as I recall some MBPs in the past talking about automatically moving messages from the Inbox to the Spam folder based on new information learned after the message was written to the mailbox (assuming, of course, that the message had not yet been seen by the recipient).

On the other hand, I also recognize that attempts by an MUA to perform authentication/validation checks on messages are perhaps not as thorough (Alex's message recommends against doing any SPF check) and that the DKIM result might erroneously be "fail" due to changes made by the MBP during writing of the message to the mailbox, even if it passed DKIM checks performed by the MBP.

I'm trying to talk myself out of my bias, but I can't get there yet, because I can't yet see a way for the unaffiliated MUA to get the same results as the MBP got at the time of delivery.

-- 
*Todd Herr* | Technical Director, Standards and Ecosystem
*e:* todd.herr@valimail.com
*m:* 703.220.4153

This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
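
Added example, not part of the message above or of any BIMI text: one way an MUA could rely on delivery-time signals while discarding forged ones is to accept only Authentication-Results fields that carry the MBP's authserv-id and sit above the MBP's border Received field. The names `mbp.example` and `mx.mbp.example`, the sample message, and the assumption that the MBP prepends its fields above its own Received field are all constructed for illustration.

```python
import email
import re

# Constructed sample. Assumed names: authserv-id "mbp.example", MBP host "mx.mbp.example".
# The top field is the MBP's own verdict; the lower one arrived with the message (forged).
RAW = """\
Authentication-Results: mbp.example; dkim=fail header.d=brand.example; dmarc=fail header.from=brand.example
Received: from mta.sender.example by mx.mbp.example with ESMTPS; Thu, 11 Aug 2022 10:00:00 -0400
Authentication-Results: mbp.example; dmarc=pass header.from=brand.example; bimi=pass
From: Brand <news@brand.example>
Subject: constructed sample

body
"""

def parse_ar(value):
    """Return (authserv-id, {method: result}); only un-nested comments are stripped."""
    value = re.sub(r"\([^()]*\)", " ", value)
    parts = [p.strip() for p in value.split(";")]
    head = parts[0].split()
    results = {}
    for part in parts[1:]:
        m = re.match(r"([a-z0-9-]+)\s*=\s*([a-z]+)", part, re.I)
        if m:
            results.setdefault(m.group(1).lower(), m.group(2).lower())
    return (head[0].lower() if head else ""), results

def naive_results(raw):
    """What a client sees if it believes every Authentication-Results field."""
    merged = {}
    for name, value in email.message_from_string(raw).items():
        if name.lower() == "authentication-results":
            merged.update(parse_ar(value)[1])
    return merged

def trusted_results(raw, mbp_id, mbp_hosts):
    """Keep only results stamped by the MBP above its border Received field."""
    found = {}
    for name, value in email.message_from_string(raw).items():
        if name.lower() == "authentication-results":
            authserv_id, results = parse_ar(value)
            if authserv_id == mbp_id:
                for method, result in results.items():
                    found.setdefault(method, result)
        elif name.lower() == "received":
            by = re.search(r"\bby\s+(\S+)", value)
            frm = re.search(r"\bfrom\s+(\S+)", value)
            if not by or by.group(1).lower() not in mbp_hosts:
                return {}        # top hop is not the MBP: trust nothing
            if not frm or frm.group(1).lower() not in mbp_hosts:
                return found     # border hop: everything below came from outside
    return {}                    # no border hop found
```

On the sample, `naive_results` reports `dmarc=pass` and `bimi=pass` from the forged field, while `trusted_results(RAW, "mbp.example", {"mx.mbp.example"})` returns only the MBP's `dkim=fail` and `dmarc=fail`.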