[Bimi] Independent BIMI-capable Email Client

Trent Adams <tadams@proofpoint.com> Fri, 23 July 2021 21:35 UTC

From: Trent Adams <tadams@proofpoint.com>
To: "bimi@ietf.org" <bimi@ietf.org>
Date: Fri, 23 Jul 2021 21:35:49 +0000
Message-ID: <2C1CE07A-2FC9-4278-8F00-4613E4966F1F@proofpoint.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/5uRLn-F4Un_o8RQ2-ZbS9q39iGI>
Subject: [Bimi] Independent BIMI-capable Email Client
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>

Since Gmail's announcement, more companies are starting to play around with BIMI (no surprise there).  And, as expected, the increased attention is helping to put more eyeballs on the experiment.

And while some of the major mailbox providers are adding BIMI support to their own mobile clients, I ran into a FOSS project run by a developer in the Netherlands who has already added BIMI to their independent mobile mail client.

If you get a chance, I'd suggest taking a look at their FairEmail implementation as they made some interesting choices:

https://email.faircode.eu/

The current Android client package can be downloaded from their GitHub repository:

https://github.com/M66B/FairEmail/releases


So far, they've already found some useful results from their experiment.  And now we're finally at a point where we can test the architecture (and pressure-test the specifications) beyond the handful of usual suspects.

For example, here're a few issues this work has already surfaced when interpreting the specifications [1] [2] [3]:


  *   They aren't entirely clear on how (or why) to evaluate a logo referenced by the BIMI record and the one retrieved from a VMC.
  *   It's also not all that clear where to retrieve the BIMI logo when the email is sent from a subdomain, and match that up with the DMARC results.
  *   There's also the question about whether or not an independent client can/should trust the authentication results performed by the mailbox provider when deciding to display the BIMI logo.
  *   There is a non-zero addition of processing required by the client to handle BIMI, leading to the question about what impact this may have on a client... and what efficiencies can be introduced with local caching (if any).

What I found most interesting was how the specifications assume a tight coupling between the client and the mailbox provider.  It definitely opens the question of whether it's possible (or recommended) for an independent client to support BIMI even for email received by mailbox providers that don't support it.  It's real-world interop testing like this that I hope will highlight issues that need to be discussed as the experiment continues.

Also, if anyone would be willing to test the FairEmail client, I'd be keen to hear if you think that the way it leverages BIMI matches your expectations.  Also, are there any others out there that might contribute their learnings to the conversation?

Anyway, thanks for any feedback you may have.  It'll be useful to hash out ideas for improvements and next steps on the list.

Cheers,
Trent

[1] https://datatracker.ietf.org/doc/html/draft-blank-ietf-bimi-02
[2] https://datatracker.ietf.org/doc/html/draft-fetch-validation-vmc-wchuang-00
[3] https://datatracker.ietf.org/doc/html/draft-brotman-ietf-bimi-guidance-03


--
J. Trent Adams
Director, Ecosystem Security
Proofpoint

tadams@proofpoint.com
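
The subdomain-lookup and trust questions raised in the list above, worked through as an added example (not code from this message or from FairEmail). It takes one reading of the discovery in [1]: query `default._bimi` at the author domain, then fall back to the organizational domain, and only after a `dmarc=pass` stamped by an authserv-id the client is configured to trust. Assumptions: the function names are hypothetical, the caller supplies the organizational domain (normally derived from the Public Suffix List), the zone data is constructed, and the Authentication-Results parsing is simplified.

```python
import re

# Constructed stand-in for DNS TXT lookups; names and URLs are sample values.
SAMPLE_TXT = {
    "default._bimi.example.com":
        "v=BIMI1; l=https://example.com/logo.svg; a=https://example.com/vmc.pem",
}

def parse_bimi(txt):
    """Return the record's tags, or None unless it starts with v=BIMI1."""
    if not re.match(r"\s*v\s*=\s*BIMI1\s*(;|$)", txt or ""):
        return None
    tags = {}
    for part in txt.split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    return tags

def discover(author_domain, org_domain, selector="default", lookup=SAMPLE_TXT.get):
    """Query the author domain first, then fall back to the organizational domain."""
    for domain in dict.fromkeys([author_domain, org_domain]):
        tags = parse_bimi(lookup(f"{selector}._bimi.{domain}"))
        if tags is not None:
            return domain, tags
    return None, None

def dmarc_pass_domain(auth_results, trusted_authserv_id):
    """Return header.from of a dmarc=pass result, only if stamped by the trusted server."""
    authserv, _, results = auth_results.partition(";")
    authserv_id = (authserv.split() or [""])[0]  # drop an optional version token
    if authserv_id.lower() != trusted_authserv_id.lower():
        return None  # header was not added by the provider this client trusts
    m = re.search(r"\bdmarc\s*=\s*pass\b[^;]*?\bheader\.from\s*=\s*([\w.-]+)",
                  results, re.I)
    return m.group(1).lower() if m else None

def logo_for(auth_results, from_domain, org_domain, trusted_authserv_id):
    """Logo URL to display, or None when authentication or discovery does not hold."""
    if dmarc_pass_domain(auth_results, trusted_authserv_id) != from_domain.lower():
        return None
    _, tags = discover(from_domain.lower(), org_domain.lower())
    logo = (tags or {}).get("l", "")
    return logo if logo.startswith("https://") else None
```

A client that cannot identify a trusted authserv-id has to redo DMARC evaluation itself or show no logo; which of the two is the open question in the third bullet.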