Re: [Bimi] MUA Evaluation of BIMI (Marcel Bokhorst)

Trent Adams <tadams@proofpoint.com> Tue, 22 March 2022 17:30 UTC

From: Trent Adams <tadams@proofpoint.com>
To: Marcel Bokhorst <marcel=40faircode.eu@dmarc.ietf.org>, "bimi@ietf.org" <bimi@ietf.org>
Date: Tue, 22 Mar 2022 17:30:23 +0000
Message-ID: <1E485A17-391C-48E7-A12D-FCF4D967B255@proofpoint.com>
References: <mailman.1299.1647969068.21334.bimi@ietf.org> <7f08ddd1-75ff-4c18-b91a-9c7e039df2cf@faircode.eu>
In-Reply-To: <7f08ddd1-75ff-4c18-b91a-9c7e039df2cf@faircode.eu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/bimi/TU1n1w6TmiFJUqNKFKbtdYS89J8>
Subject: Re: [Bimi] MUA Evaluation of BIMI (Marcel Bokhorst)

Right?!  Yeah… we'd like to assume that the mailbox provider is doing all the right things… but, sadly, the specification can't assume that's the case.

So, if a receiving MTA doesn't perform the necessary authentication evaluation… the MUA is stuck assuming that the RFC5322.From field is correct (when, in fact, it might have been spoofed).

Sadly… I think that puts us right back where we started and why we're looking for the reliable AuthN-Results performed by the mailbox provider (and, if they're missing, ignore BIMI).

- Trent


From: bimi <bimi-bounces@ietf.org> on behalf of Marcel Bokhorst <marcel=40faircode.eu@dmarc.ietf.org>
Date: Tuesday, March 22, 2022 at 11:24 AM
To: "bimi@ietf.org" <bimi@ietf.org>
Subject: Re: [Bimi] MUA Evaluation of BIMI (Marcel Bokhorst)


Isn't that just spam, which the email server is supposed to drop into the spam folder because, for example, the DKIM signature isn't valid and the DMARC policy is set to quarantine (or reject)?



Maybe my view as an author of an email client is too simplistic, so correct me if I am wrong.



In any case there are no 'magic' checks in FairEmail, other than checking the DMARC record, which can hardly be called magic ;-)



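The rule discussed in this thread (rely on the mailbox provider's Authentication-Results and ignore BIMI when they are missing) can be sketched as a client-side gate. This is an added example, not code from FairEmail or from the BIMI drafts. It assumes the client is configured with the provider's authserv-id (`mx.provider.example` is hypothetical), that the provider removes inbound headers claiming that id, and it parses the header in a simplified way.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def bimi_display_allowed(raw_message, trusted_authserv_id):
    """True only if the trusted provider recorded dmarc=pass for the From domain."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if not from_domain:
        return False
    for value in msg.get_all("Authentication-Results", []):
        # Unfold, drop (comments), split "authserv-id; method=result props; ..."
        flat = re.sub(r"\([^()]*\)", " ", " ".join(value.split()))
        parts = [p.strip() for p in flat.split(";")]
        tokens = parts[0].split()
        if not tokens or tokens[0].lower() != trusted_authserv_id.lower():
            continue  # not written by our provider; may be sender-supplied
        for clause in parts[1:]:
            result = re.match(r"dmarc\s*=\s*(\w+)", clause, re.I)
            domain = re.search(r"header\.from\s*=\s*([\w.-]+)", clause, re.I)
            if (result and result.group(1).lower() == "pass"
                    and domain and domain.group(1).lower() == from_domain):
                return True
    return False  # results missing or not a pass: ignore BIMI

# Constructed sample messages (not taken from the thread).
def _msg(*auth_results):
    headers = ["Authentication-Results: " + v for v in auth_results]
    headers += ["From: Brand <news@brand.example>", "Subject: test"]
    return "\n".join(headers) + "\n\nbody\n"

TRUSTED = "mx.provider.example"  # hypothetical authserv-id of the mailbox provider
VERIFIED = _msg("mx.provider.example; spf=pass smtp.mailfrom=brand.example;\n"
                " dkim=pass (2048-bit key) header.d=brand.example;\n"
                " dmarc=pass header.from=brand.example")
NO_RESULTS = _msg()
FOREIGN_ID = _msg("mx.elsewhere.example; dmarc=pass header.from=brand.example")
DMARC_FAIL = _msg("mx.provider.example; dmarc=fail header.from=brand.example")

if __name__ == "__main__":
    for name in ("VERIFIED", "NO_RESULTS", "FOREIGN_ID", "DMARC_FAIL"):
        print(name, bimi_display_allowed(globals()[name], TRUSTED))
```

Only the message carrying a `dmarc=pass` result under the trusted authserv-id is allowed a logo; the message with no results and the one whose results come from an unknown authserv-id both fall back to no BIMI.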