Re: [dispatch] FYI draft-levine-mailbomb-header-00

"John R Levine" <johnl@taugh.com> Tue, 20 June 2017 18:27 UTC

Date: Tue, 20 Jun 2017 14:27:01 -0400
Message-ID: <alpine.OSX.2.21.1706201425260.36471@ary.qy>
From: John R Levine <johnl@taugh.com>
To: Cullen Jennings <fluffy@iii.ca>
Cc: Dispatch WG <dispatch@ietf.org>
In-Reply-To: <33E62B35-8048-4EBA-A5D8-409564D5B667@iii.ca>
References: <20170619174225.10412.qmail@ary.lan> <33E62B35-8048-4EBA-A5D8-409564D5B667@iii.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/A5iwkDcvZbcma7w_y4Xd9sEihbM>

> For v6, how much would typically be redacted?

I get the impression it'd usually either be the high half or the low half. 
We worked this out with some German ISPs who had strong opinions about 
what they would be allowed to include.

Keep in mind that the alternative to a redacted IP is not a full IP, it's 
no IP at all.

R's,
John

>> On Jun 19, 2017, at 11:42 AM, John Levine <johnl@taugh.com> wrote:
>>
>> This draft came out of a discussion last week at M3AAWG.  The issue is
>> that bad guys (or more likely bad bots) fill out web forms and include
>> fake mail addresses, the forms provoke confirmation mail which then
>> mailbombs the address(es).
>>
>> This draft adds a new header to indicate that a message is in response
>> to a form submission:
>>
>> Form-Sub: v=1; ip4=198.51.x.x
>>
>> The IP address is that of the web client, which may be partly redacted
>> with "x" for privacy reasons.  If a recipient mail system sees too
>> many of them, it may block the system that's sending them.  The draft
>> also asks for an enhanced status code which means we rejected this
>> message because it's part of a flood with Form-Sub headers.
>>
>> When we had the discussion there were people from at least two large
>> consumer mail systems and a dozen hosters and (sending) mail service
>> providers in the room, so it is likely this will be implemented
>> enough to see if it's useful.
>>
>> At this point the main point of writing the draft was to have a
>> reference so I could ask IANA to register the header and status code.
>> If it does turn out to be useful I'll come back and ask for it to be
>> dispatched into a standards track document.
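
Added example, not part of the original message or the draft: a sketch of how a receiving mail system could parse the Form-Sub header quoted above and count form-generated mail per sending system. The limit, the window, the choice to key on the sending host, and the rejection of versions other than 1 are assumptions; the sample messages are constructed.

```python
import re
from collections import defaultdict, deque

OCTET = re.compile(r"^(?:x|\d{1,3})$")  # a decimal octet, or "x" when redacted

def parse_form_sub(value):
    """Parse 'v=1; ip4=198.51.x.x' into a tag dict; None if malformed."""
    tags = {}
    for part in value.split(";"):
        if not part.strip():
            continue
        name, sep, val = part.partition("=")
        if not sep:
            return None
        tags[name.strip().lower()] = val.strip()
    if tags.get("v") != "1":  # assumption: unknown versions are ignored
        return None
    ip4 = tags.get("ip4")
    if ip4 is not None:
        octets = ip4.split(".")
        if len(octets) != 4 or not all(OCTET.match(o) for o in octets):
            return None
        if any(o != "x" and int(o) > 255 for o in octets):
            return None
    return tags

class FormSubFloodDetector:
    """Sliding-window count of Form-Sub mail per sending system."""
    def __init__(self, limit=3, window=60):  # assumed policy values
        self.limit, self.window = limit, window
        self.seen = defaultdict(deque)

    def observe(self, sender_host, headers, now):
        """Return True when this message pushes the sender over the limit."""
        raw = headers.get("Form-Sub")
        if raw is None or parse_form_sub(raw) is None:
            return False  # not form-generated or unparseable: not counted
        q = self.seen[sender_host]
        q.append(now)
        while q and now - q[0] > self.window:
            q.popleft()
        return len(q) > self.limit

FORM = {"Form-Sub": "v=1; ip4=198.51.x.x"}
SAMPLE = [  # constructed: (time in seconds, sending host, headers)
    (0, "forms.example.net", FORM), (10, "forms.example.net", FORM),
    (15, "mail.example.org", {"Subject": "hello"}),
    (20, "forms.example.net", FORM), (30, "forms.example.net", FORM),
    (40, "forms.example.net", FORM), (200, "forms.example.net", FORM),
]

def flagged(sample=SAMPLE):
    det = FormSubFloodDetector()
    return [(t, host) for t, host, h in sample if det.observe(host, h, t)]
```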