Re: [dmarc-ietf] attack on reports

Matt V <ietfdmarc@emailkarma.net> Tue, 26 January 2021 20:41 UTC

From: Matt V <ietfdmarc@emailkarma.net>
Date: Tue, 26 Jan 2021 15:41:10 -0500
Message-ID: <CAPyMsDi_tVK7j_HjpAfLEcy=xCDPR4kPZs-5MOFVkQSgCjwsuQ@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/4et8YT2Yfoso7-y1WFgMtqhqG9M>

On Tue, Jan 26, 2021 at 3:17 PM Michael Thomas <mike@mtcc.com> wrote:

> How do I know when I'm done though if I don't know the IP addresses who
> send on my behalf? Is it an actual forgery or is it Marsha in marketing
> using an outsourced email blaster?
>

This is solved with conversation with the relevant stakeholders in the
organization from IT, Marketing, PR, etc., along with security and brand
policies being enforced.

Ultimately only approved and official email sources will be authenticated -
random sales/marketing people don't get to make those types of decisions on
the day-to-day. You want an exemption for your support/marketing tools, you
need to get it cleared, vetted and properly authenticated to play.

This is how most large companies resolve this issue.

~
*MATTHEW VERNHOUT*
Founder, Editor
EmailKarma.net <http://ekma.co/16G2Htm>
It's not the size of your list, it's how you use it!

t: @emailkarma <https://twitter.com/EmailKarma>