IETF Logo Mail Archive

Re: [Bimi] MUA Evaluation of BIMI

Jakub Olexa <jakub@mailkit.com> Fri, 18 March 2022 08:42 UTC

Return-Path: <jakub@mailkit.com>
X-Original-To: bimi@ietfa.amsl.com
Delivered-To: bimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F7643A193C for <bimi@ietfa.amsl.com>; Fri, 18 Mar 2022 01:42:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mailkit.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E2Q6vzjY9zd1 for <bimi@ietfa.amsl.com>; Fri, 18 Mar 2022 01:42:37 -0700 (PDT)
Received: from mail.mailkit.eu (mail.mailkit.eu [185.136.200.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A3EB43A193B for <bimi@ietf.org>; Fri, 18 Mar 2022 01:42:37 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mail.mailkit.eu (Postfix) with ESMTP id 109E6205A7 for <bimi@ietf.org>; Fri, 18 Mar 2022 09:42:34 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at mailkit.eu
Received: from mail.mailkit.eu ([127.0.0.1]) by localhost (mail.mailkit.eu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2wTwCTtM4IyO for <bimi@ietf.org>; Fri, 18 Mar 2022 09:42:31 +0100 (CET)
Content-Type: multipart/alternative; boundary="------------v1snAHM0kVHpY4EBVLt0yeb6"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mailkit.com; s=mk-2; t=1647592951; bh=5ugqZd6at17FT7oFnZe2EhH55piGZ0yneQnlQC+2y6Q=; h=Date:To:References:From:Subject:In-Reply-To; b=dTnde4z4m2zSiC4i+F4PmCWCVjBc6FtSX8woVicSeDKf9AMhmrJ0DZYvPEnHC+0NL +cy5iyETZRO58gcSkDU+hIgkEeC2YqMKzylwja3H+S63y1i/xKharoTs2XuMCo+Nvd Z92JE2FpPb/6hn/LS0IKLkNirRAuKZLRFIRBNDLojqziva/El5D0JS6rGwLEe+TUGD F2eDT+w1Q/E+1iweuGwJMldVQq3mtIgLwwHd+qn74bUWG//0oC0TfWUsN9qNkc/Lr4 2hQIa+6XSdZok11AREmrFltVybf5L69bZI3SAbwDc1NtLc8TMx0ghAohnJYFPw0gmE N12OTkBwiyHGw==
Message-ID: <fa8e50c2-97c4-1d02-fbb5-a3bc9382bd5a@mailkit.com>
Date: Fri, 18 Mar 2022 08:42:29 +0000
MIME-Version: 1.0
Content-Language: en-US
To: bimi@ietf.org
References: <MN2PR11MB4351832ACD2F68404D87275FF7119@MN2PR11MB4351.namprd11.prod.outlook.com> <20220316182949.1A3F73945349@ary.qy> <B0FB719D-DF38-4D9E-B18C-C1D65EA7CAA4@proofpoint.com> <46fbb64b-cf30-bd49-1f39-f5dcb204ae93@taugh.com> <f9261037-7901-3e14-83c2-c02664c7c230@dcrocker.net>
From: Jakub Olexa <jakub@mailkit.com>
Organization: Mailkit
In-Reply-To: <f9261037-7901-3e14-83c2-c02664c7c230@dcrocker.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/Oh-iK3j2q2M_6aDTXodqeIS-Xl0>
Subject: Re: [Bimi] MUA Evaluation of BIMI
X-BeenThere: bimi@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Brand Indicators for Message Identification <bimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/bimi>, <mailto:bimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/bimi/>
List-Post: <mailto:bimi@ietf.org>
List-Help: <mailto:bimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/bimi>, <mailto:bimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Mar 2022 08:42:43 -0000

I'd say the only thing that would be worth checking is the source of the 
A-R header and host MAY match the server host (which may often not be 
possible) or fallback to the topmost A-R header.

Keep in mind that BIMI is not a trust indicator but just a logo - 
marketing feature rather than security feature. Custom MUA of a hosting 
company may rely on the A-R headers in a different way as it would get 
those from the MTA they have control over then a public MUA that simply 
has to trust that the user chose an imap server for a reason. What's the 
point of questioning the headers authenticity? I do get that it would 
prevent a malicious actor from having a "fake" logo displayed but the 
impact would be very limited.

maybe we could require MUAs to rely on the BIMI-Indicator header added 
by MUA.

Jakub Olexa
Founder & CEO
E-mail: jakub@mailkit.com
Tel: +420 778 535 877 <tel:+420778535877>

Mailkit - Closing the circle between Deliverability and Engagement 
<https://www.mailkit.com>

On 17.03.2022 20:35, Dave Crocker wrote:
>
>> You can tie yourself in knots here but I really doubt you're going to 
>> end up with anything better than believe your MTA's A-R or you don't.
>
>
> This seems to be trust without verification and without any meaningful 
> basis for the trust, other than having logged into an IMAP session 
> with a mailbox provider.
>
> Since 'users' certainly won't be doing a meaningful assessment, this 
> reduces to:  Random MUAs with support for displaying Bimi images must 
> use any A-R header field that shows up.
>
> Note that the trust includes having no basis for knowing whether the 
> connected servers knows about, or cares about, A-R fields.
>
> d/
>

v2.23.0 | Report a Bug | By Email