Re: [dmarc-ietf] Email security beyond DMARC?

DAMY gustavo <gustavo.DAMY@upu.int> Thu, 21 March 2019 13:01 UTC

Return-Path: <gustavo.DAMY@upu.int>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7AD512795E for <dmarc@ietfa.amsl.com>; Thu, 21 Mar 2019 06:01:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=upu.int
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Smdal09nRpF0 for <dmarc@ietfa.amsl.com>; Thu, 21 Mar 2019 06:01:01 -0700 (PDT)
Received: from mgw3.upu.int (mgw3.upu.int [193.247.49.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9BE3012423B for <dmarc@ietf.org>; Thu, 21 Mar 2019 06:01:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=upu.int; i=@upu.int; q=dns/txt; s=default; t=1553173257; x=1584709257; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=f4SMIhuJkth27pQSgrvU4vUzNGBkUe05PWXd5x6NmO8=; b=XYOwIQsBbLDRmZf4BOCM8cCe4Ws955HII1hR960iqQLqxBvczarNeryw cPjSsW+Oqg/9fsyjYZuXl1qzrvMo2exKdqFhCKgs4Z+IDoD8ozZYRq6tz dfreQSh7Xxe6brfftlxy368kZw0xxpP/DJnGk/8g+R2/QSc70hjg8tqhF 0ZkMmQMgGvFApu/1RcgobtOQQ1PcOinQJwESkflEcCtQDGBgYTtV4I6T8 T7gW3q99OU4pvhn48SHHYRzwfuiEHDcRxW1u0sDYilawBORM7VvCAKSyk siLmJXxz1fGhYiNknbR7bT5ub2EPJOSmVquXTvSN1BkJSUk45hPkqLgK8 w==;
Authentication-Results: mgw3.upu.ch; spf=Pass smtp.mailfrom=gustavo.DAMY@upu.int; spf=None smtp.helo=postmaster@PEXC01.upu.ch
Received-SPF: Pass (mgw3.upu.ch: domain of gustavo.DAMY@upu.int designates 193.247.55.160 as permitted sender) identity=mailfrom; client-ip=193.247.55.160; receiver=mgw3.upu.ch; envelope-from="gustavo.DAMY@upu.int"; x-sender="gustavo.DAMY@upu.int"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:193.247.55.160/32 ip4:193.247.55.161/32 ip4:80.80.227.166/32 ip4:193.247.63.15/32 +a:erecruit.noreply.upu.int +mx -all"
Received-SPF: None (mgw3.upu.ch: no sender authenticity information available from domain of postmaster@PEXC01.upu.ch) identity=helo; client-ip=193.247.55.160; receiver=mgw3.upu.ch; envelope-from="gustavo.DAMY@upu.int"; x-sender="postmaster@PEXC01.upu.ch"; x-conformance=spf_only
IronPort-SDR: czVtZW+iOLisXABtQfivxis5vzZfXC+yT/rKbcbU7FILjsDo13eQK5GC0/Oq9EVOJlmjEb5lJ/ 4dc3iGWRWP9qeoOCStHOjuiG9p40SfnOVNK/zejvpNn8L09/0U2Itb8VUTddDnX4kO+oMO12Yu SMTPCzNAvIkGVcG+Up+R21WzGC8nFlUjRg8TngQOjcX3vC2mC6Eoyxjv2lMEWopXJMJPP2M80r Qyh+3frm391BV0LZWUCvCk3bsrl3i3NKbwbmwFThe13m2/GhnsZMmXDak74L6v3jh/YPOsdkYI +OA=
X-IronPort-AV: E=Sophos;i="5.60,252,1549926000"; d="scan'208";a="1863314"
Received: from PEXC01.upu.ch (2002:c1f7:37a0::c1f7:37a0) by PEXC01.upu.ch (2002:c1f7:37a0::c1f7:37a0) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Thu, 21 Mar 2019 14:00:47 +0100
Received: from PEXC01.upu.ch ([fe80::28c1:e4c1:2f2e:11fc]) by PEXC01.upu.ch ([fe80::28c1:e4c1:2f2e:11fc%13]) with mapi id 15.00.1130.005; Thu, 21 Mar 2019 14:00:47 +0100
From: DAMY gustavo <gustavo.DAMY@upu.int>
To: John R Levine <johnl@taugh.com>
CC: "dmarc@ietf.org" <dmarc@ietf.org>, Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>
Thread-Topic: [dmarc-ietf] Email security beyond DMARC?
Thread-Index: AQHU3093v/AeslasNkiUwE096qOcBKYWC7zA
Date: Thu, 21 Mar 2019 13:00:46 +0000
Message-ID: <b8534bcf921f4b26a65bd1939dd81219@PEXC01.upu.ch>
References: <20190319184209.804E42010381DB@ary.qy> <alpine.DEB.2.20.1903201442260.7108@softronics.hoeneisen.ch> <alpine.OSX.2.21.1903201042010.79863@ary.qy>
In-Reply-To: <alpine.OSX.2.21.1903201042010.79863@ary.qy>
Accept-Language: en-GB, fr-CH, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.22.0.30]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/-wSQXhOvyegvb3BlGT410qy0Ngs>
Subject: Re: [dmarc-ietf] Email security beyond DMARC?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2019 13:01:05 -0000

Dear John,

But if the AIM is to have an end to end easier to implement encryption +  phishing protection, probably it would make sense? 
This will not reduce the SPAM but using DMARC and properly tune the policy P=reject; pct=100 would help to secure the content and reduce the phishing,  (and sure definitely will not help  to avoid SPAM)  from those compromised accounts.

> If pEp is applied on top of existing email infrastructure (which is 
> likely the case in most scenarios), DMARC can also be used in 
> conjunction with pEp emails.

DMARC has never been an anti-spam scheme.  It's about phishing, which is not the same thing.



Regards.
Gustavo