Re: [calsify] Calendar spam - it is speeding up - security issue / warning

Doug Royer <douglasroyer@gmail.com> Fri, 14 June 2019 02:57 UTC

From: Doug Royer <douglasroyer@gmail.com>
X-Google-Original-From: Doug Royer <DouglasRoyer@gmail.com>
To: calsify@ietf.org
References: <f7d8336f-edd2-7d26-1589-87e58dd8672b@gmail.com> <25453529-BE41-4A4E-B6BD-5EB662C73DEC@calconnect.org>
Organization: http://SoftwareAndServices.NET
Message-ID: <a30c7d25-ae1f-43c4-4153-a423d97da827@gmail.com>
Date: Thu, 13 Jun 2019 20:57:52 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1
MIME-Version: 1.0
In-Reply-To: <25453529-BE41-4A4E-B6BD-5EB662C73DEC@calconnect.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms050409080900010405080902"
Archived-At: <https://mailarchive.ietf.org/arch/msg/calsify/s5suOUdGI9w-jBYZ7Z2Mp4SQ0Bo>
Subject: Re: [calsify] Calendar spam - it is speeding up - security issue / warning

On 6/13/19 8:10 PM, David Thewlis wrote:
> FYI earlier this year, CalConnect published a best current practices for 
> calendar operators on calendar spam.  This was developed in conjunction 
> with M3AAWG; we understand that they will be publishing it as well.  See 
> https://standards.calconnect.org/csd/cc-18003.html.
> 
> Dave Thewlis

Great! Just read it for the first time. I did not know it existed.

Should drafts start using 'https' and not 'http' in the examples? It is 
not just about security over the wire. It can be about verifying the 
destination host is from a verified and expected site. Should https be 
required for all links in the future?

I could add a URL into an iCalendar property/parameter that links to a 
.DOC file that has malicious code. Several proposals lately have added 
or used URL links to related documents.  Some CUAs could execute the 
related viewing application themselves after the user says 'yes' to load 
"YourIntroPacket.doc" - without virus checking.  This is a security issue.

A warning about the user saying "yes" to download and not automatic 
loading is the first half. Virus checking and malicious site checking are 
the second (and not mentioned) half.

Last time I wrote a CUA, I just used the OS call to load and view the 
related application using the OS 'start the correct application' calls 
- without checking.

-- 

Doug Royer - (http://DougRoyer.US)
Douglas.Royer@gmail.com
714-989-6135
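
The two halves described in the message above (user confirmation, then a virus or malicious-site check before the OS "open" call), as an added example that is not part of the original message or of any CUA. The https requirement, the extension list and the caller-supplied `scan` callback are assumptions of this sketch; the sample event is constructed.

```python
import posixpath
import re
from urllib.parse import unquote, urlsplit

# Example policy (assumptions for this sketch, not taken from any RFC or draft).
RISKY_EXT = {".doc", ".docm", ".xlsm", ".exe", ".js", ".vbs", ".scr"}
URI_PROPS = {"ATTACH", "URL"}  # RFC 5545 properties whose value can be a URI

def split_content_line(line):
    """Split 'NAME;params:value' at the first colon outside double quotes."""
    quoted = False
    for i, ch in enumerate(line):
        if ch == '"':
            quoted = not quoted
        elif ch == ":" and not quoted:
            return line[:i], line[i + 1:]
    return line, ""

def extract_links(ics):
    """Return (source, uri) pairs from URI-valued properties and ALTREP parameters."""
    links = []
    for line in re.sub(r"\r?\n[ \t]", "", ics).splitlines():  # undo line folding
        head, value = split_content_line(line)
        name = head.split(";", 1)[0].upper()
        altrep = re.findall(r';ALTREP="([^"]*)"', head, re.I)
        links += [(name + ";ALTREP", u) for u in altrep]
        if name in URI_PROPS and "VALUE=BINARY" not in head.upper():
            links.append((name, value.strip()))
    return links

def decide(uri, user_said_yes, scan):
    """Gate the OS 'open with default application' call; scan is caller-supplied."""
    parts = urlsplit(uri)
    if parts.scheme.lower() != "https":
        return "block: not https"
    ext = posixpath.splitext(unquote(parts.path))[1].lower()
    if not user_said_yes:  # first half: never load automatically
        return "ask user" + (" (warn: %s)" % ext if ext in RISKY_EXT else "")
    if not scan(uri):      # second half: virus / malicious-site check
        return "block: failed scan"
    return "open"

# Constructed sample event; hosts and file names are made up.
SAMPLE = (
    "BEGIN:VEVENT\r\nSUMMARY:Intro call\r\n"
    "DESCRIPTION;ALTREP=\"http://files.example.net/agenda.html\":Agenda\r\n"
    "ATTACH:https://files.example.net/packets/YourIntro\r\n Packet.doc\r\n"
    "URL:https://cal.example.org/event/42\r\nEND:VEVENT\r\n"
)
```

A CUA would call `decide` for every pair returned by `extract_links` and invoke the OS opener only on the result `"open"`.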