IETF Logo Mail Archive

Re: [dmarc-ietf] non-mailing list use case for differing header domains

Jesse Thompson <jesse.thompson@wisc.edu> Fri, 31 July 2020 20:32 UTC

Return-Path: <jesse.thompson@wisc.edu>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A4323A0B74 for <dmarc@ietfa.amsl.com>; Fri, 31 Jul 2020 13:32:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wisc.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8mzWy5ZwoSDm for <dmarc@ietfa.amsl.com>; Fri, 31 Jul 2020 13:32:35 -0700 (PDT)
Received: from wmauth4.doit.wisc.edu (wmauth4.doit.wisc.edu [144.92.197.145]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8AC6E3A0B68 for <dmarc@ietf.org>; Fri, 31 Jul 2020 13:32:35 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11lp2175.outbound.protection.outlook.com [104.47.57.175]) by smtpauth4.wiscmail.wisc.edu (Oracle Communications Messaging Server 8.0.2.4.20190812 64bit (built Aug 12 2019)) with ESMTPS id <0QEC01LRYP29IY30@smtpauth4.wiscmail.wisc.edu> for dmarc@ietf.org; Fri, 31 Jul 2020 15:32:34 -0500 (CDT)
X-Wisc-Env-From-B64: amVzc2UudGhvbXBzb25Ad2lzYy5lZHU=
X-Spam-PmxInfo: Server=avs-4, Version=6.4.7.2805085, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.7.31.202717, AntiVirus-Engine: 5.75.0, AntiVirus-Data: 2020.7.23.5750001, SenderIP=[104.47.57.175]
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eiEo/vRLnkO8dJXkQsckxia6wJqF4zQx8m4nVqAnHQmNCTkuXD57VysFibCeN41rqaTFbL6E0HmtREWUknxPCeY52Jl59deFq5BIh23UibEhFAWNyYjirAdyO6V4z2VI6yMhfoRVoBgry92bD0HNS/morTrCvSMojb3lvKu3v1VbKB1sX68niqzcX5khqrPSwboJER4HuKpXPUjyXm/QcOfPAk2X6NmQF9XsOq4OVqDF3uhXJ0NcMirvbYSYhdY5aFYoHXCK9o0VQF9nSZKqKWxb5iaecwvchbD3Sw7LjcFw4TD4BYv3mXASSvpJi/opIsWwVvNo7fWGGrd84h9/AQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p4Tft53WzSMxnsgJIdFsDVEnyWfJ8LJ9t+4EiXzqHfQ=; b=I8KQp4WVzHcPxJxPnXRGzevzpPrbBESwnr+PXBaXGD7BHqbgfgF1qaw81oGNx6nWyDNdpmJU4LelgMwUTrSfwu9jJE927FETLD+s3pkFgVluVFK3WvHCjU/0Z1AI9neIrrTs3SO73LPylF0BPU9GLi4v0YMAD2sXVn6Hq3VWWNjqVu87/0JW5dy9tbtQoomjFh9j7w+krb8YByOL6Jrwi2DMk3XOU2mwOBcKPtcy+ZsFX72EqyQsxJSLju5O7LYiBg5UCJEqgQfPsEb2/bR+Yq+laGQyjox+llecznNMuYK5qq4woGctbWfhkETpTr5ENL2/ioQ+9S9x8xB9LPJykA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wisc.edu; dmarc=pass action=none header.from=wisc.edu; dkim=pass header.d=wisc.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wisc.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=p4Tft53WzSMxnsgJIdFsDVEnyWfJ8LJ9t+4EiXzqHfQ=; b=EY0HZvWOxvJCmStbXOw9G51DnQUGPcGad9P9PmE8iTfFm0Hss5KU+Vwkuokz3vYFCl/F7sTLV64fReVYtqjA5SNTDTApsEIBgF9Am0e81quni9mf5xzHFvMrUk1PSRVxTI2h/AJwLR4/0ENtuEQa2pTFD5ajNuEup0KiB7vSIt8=
Received: from DM5PR0601MB3671.namprd06.prod.outlook.com (2603:10b6:4:7b::16) by DS7PR06MB6759.namprd06.prod.outlook.com (2603:10b6:5:2d3::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.16; Fri, 31 Jul 2020 20:32:33 +0000
Received: from DM5PR0601MB3671.namprd06.prod.outlook.com ([fe80::a92c:9a15:1bb0:4bfa]) by DM5PR0601MB3671.namprd06.prod.outlook.com ([fe80::a92c:9a15:1bb0:4bfa%7]) with mapi id 15.20.3216.033; Fri, 31 Jul 2020 20:32:33 +0000
To: John Levine <johnl@taugh.com>, dmarc@ietf.org
References: <20200731193040.AAF8B1DB2410@ary.qy>
From: Jesse Thompson <jesse.thompson@wisc.edu>
Message-id: <01c53fdc-342b-e2d3-16dc-f1161913d656@wisc.edu>
Date: Fri, 31 Jul 2020 15:32:30 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Thunderbird/80.0a1
In-reply-to: <20200731193040.AAF8B1DB2410@ary.qy>
Content-type: text/plain; charset="utf-8"
Content-language: en-US
Content-transfer-encoding: 7bit
X-ClientProxiedBy: CH2PR07CA0004.namprd07.prod.outlook.com (2603:10b6:610:20::17) To DM5PR0601MB3671.namprd06.prod.outlook.com (2603:10b6:4:7b::16)
MIME-version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [146.151.213.183] (146.151.213.183) by CH2PR07CA0004.namprd07.prod.outlook.com (2603:10b6:610:20::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3239.16 via Frontend Transport; Fri, 31 Jul 2020 20:32:32 +0000
X-Originating-IP: [146.151.213.183]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 1fea183c-471b-4856-49fe-08d83590da54
X-MS-TrafficTypeDiagnostic: DS7PR06MB6759:
X-Microsoft-Antispam-PRVS: <DS7PR06MB675995DBEF33E6C37FC01C1DF64E0@DS7PR06MB6759.namprd06.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:10000;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: VWEh0jjn+GCbVJBl9XQoCf8Dnuz+CffuS93YHZVQ+jTJVfQkynDWlYLt9g4OxXYqWQiJFJZai9N57Vml+rWhXTzPgPvwNNQZ30sZsvKA87TUDBoXNfCJ6BhAqOybDSG6WrTABAUVYiScelc6b9kyWK3oof5RLUyXCFpXEY11mv6m5MZqdPrDp6gWd4WdokQ87YP2OoUmmoD2fvf4WfxCaAavN3T2SEcKgdhWDyzTdpR68nLuZYthIw0nutOD6P4VgmEdJtQPWpIJ1angha92H5frTuITBu4nGjNEJGfEbNaFq4w1rvYIa/Mj3wDYUWxG8M/k0jLgpOe2TEKQVbUZBSGLsvfGbFbqRFOB5KRBrPRd/IfELEDxe/OyE4DueSdEiuOIgBuOtYxVm1ce7gU1a7niae5Dalf/O5wRV2MDRhDmH8bFSyJKtewxxQbxP2eiCHAUYZXs2Ccw9ZuScMIWOoYknUkOGyQ0PiVKHEvioMk=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR0601MB3671.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(396003)(136003)(39860400002)(346002)(376002)(366004)(26005)(2906002)(16526019)(186003)(8936002)(66476007)(53546011)(786003)(66946007)(75432002)(66556008)(478600001)(44832011)(8676002)(86362001)(316002)(16576012)(2616005)(956004)(31696002)(36756003)(5660300002)(31686004)(6486002)(6706004)(3940600001)(43740500002)(130980200001)(223123001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: nig4kPqblIRr+m0lVbVCXh3eV7Z4Re+Pywv7DyU0QbS8chZVTE8iXiruwjfbUg5ssCbmkRwO5aa6VkKCyPPgHNQ7i4Q4HT3892GS+dGMFf9yHsCcfD/DvrMax70G5ikfBMjn7mgL88wCGWcN7kkYi5rVZ5Zbo/Y1ovXTwy/jDq7rUfUJJe4E0YX6PyxVOd/YrYOb/Qb7TI2n+nN92VsWQVyngeQLZZTfRHe5chxyYQYzUfx7BGpBcx6rGNdA9aIn5U/i1qNlGN+1BPB5EUw52OFD93TOIpvkxwuQOfM13R2qdqhObhC+hJRZVdq2+mPjMSUmjXQhTjCJCXCVPrN8SWxfDEtZ+pVJTU7kjG+lqxfvvftzpEEaPLPcnl8N4TMrRBGp6qHWj6A9t8BuT0k1yrVS40tOAcFpptSqwZKpssEBCX3SfV9NkTgxV7yXb7GEoYGk36DpYF7yYgOthozBFw/UwkMD2lfzHAJM5qvXQWuRl49duLQM/4jvkh8d97OVW8LzH8UZSnJ+kzJeu60P0QSoDjnleVgxLqCz+t/wly4w/uVyD2dvfVpIKOtdbIg2Der8yFgFuefEFEWkIZM9QokMMzf63UiPujtzzcuQlO918LK9quyTARL1okfafzBvSW6/K5r9c5ryDAAEdxSCRw==
X-OriginatorOrg: wisc.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 1fea183c-471b-4856-49fe-08d83590da54
X-MS-Exchange-CrossTenant-AuthSource: DM5PR0601MB3671.namprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 31 Jul 2020 20:32:33.1292 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 2ca68321-0eda-4908-88b2-424a8cb4b0f9
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: kFS6yzBINUs8lV+aE4oOLmK5s9eAsFPCX5bMoHMEpJ1Sa3vJPmHKdHoJae/Uvk/2Iu6l7nJ9wMJ3VIGrXnWL/w==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS7PR06MB6759
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/5m0nKsnrK6rvQ8Vhtci2RcvE6OA>
Subject: Re: [dmarc-ietf] non-mailing list use case for differing header domains
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Jul 2020 20:32:44 -0000

On 7/31/20 2:30 PM, John Levine wrote:
> In article <b3dd7a3d-1dca-1ece-94f1-42b1e4a588e3@wisc.edu> you write:
>> I think you're right, and isn't the market indicating that there is demand for DMARC designed for other usage patterns?  e.g.
>> Would the CEO of any of those fortune 500 companies like the idea of their personal address being spoofed?
> 
> I dunno.

Well, they are probably unaware when the spoofing occurs (ignorance is bliss), but I know from experience that they (people important enough to complain top-down through management) don't like being the victim of backscatter floods as a result of spoofed return-paths.  

Same for list bombing (which seems to be increasingly weaponized against our VIPs).  It isn't spoofing but list bombing seems to create a similar amount of consternation when I tell them that there's not much that can be done to prevent or mitigate it.

 
> Would they like the idea of mail their assistants send out for them being silently discarded because it's falsely tagged as being "spoofed"?

That's the dilemma.  They also don't like their address being changed by mailing lists, but that's what we're stuck with giving them.

I think they want their IT staff to deploy an email system and policies that work the way they would expect.  They want their organization to be seen as secure, so they don't want to be on the Buzzfeed list of Fortune 500 companies that have neglected to secure their domains with DMARC.

Jesse

v2.23.0 | Report a Bug | By Email