IETF Logo Mail Archive

Re: [dmarc-ietf] THIS IS ABUSE (it might be)

John R Levine <johnl@taugh.com> Mon, 10 April 2023 13:30 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E621C152A09 for <dmarc@ietfa.amsl.com>; Mon, 10 Apr 2023 06:30:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="w3lz/yxT"; dkim=pass (2048-bit key) header.d=taugh.com header.b="wPj4Ylzu"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NLXaCVwPergD for <dmarc@ietfa.amsl.com>; Mon, 10 Apr 2023 06:30:14 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A30E3C152A00 for <dmarc@ietf.org>; Mon, 10 Apr 2023 06:30:13 -0700 (PDT)
Received: (qmail 63184 invoked from network); 10 Apr 2023 13:30:11 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=f6ce.64340f63.k2304; bh=Qzsi5K2gvLFmMZ/9ERz1RERVlGV3OMC294d1Hb5g/aE=; b=w3lz/yxTIPqWVf6FYJ6/f1euIb5QIhNQa/7PJszoYxJgpI9MxR2id1PuDFAt4iuVTxPN4BZ9SsXlm8EXzeLbkLw2OeAZfLcNjQzNFqMYfvfPYba5PvXkd5BR46B3ke6pb3p+I8aXLbiKhZgObE08pyhWY1mKJjTlHspEKMDr5ut4bNAblRthgf0xRt+KyFnWiiiHaF53kb8sWDM/NcCZXCYOxbsGAmQsTM1EB4CdS3Jy1tGJSCp4EMjaQtwYIN6hiU6GVMsm4WQRhrhMUscxEbE7Q2P/vphzSZsZ8Ueo3BVsxO9wE01Kc9YmPafaPqlfdxKG2xH7bLNuRdn9JL6o+w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=f6ce.64340f63.k2304; bh=Qzsi5K2gvLFmMZ/9ERz1RERVlGV3OMC294d1Hb5g/aE=; b=wPj4YlzuonMwwOhBDAt+2uRAAivTuenrWp5yCPiQk5c9atzMIiIjqUsOWfYZqBuuf0dvd1CKlD3MW3a5DhdS2ieS1he9wfynGR5LCcHN/sDrmXHvxMhu011lZhlUg1KcrJNYtd0fFnQ/BhtJjbKTenosKzzLneLtXj8adp2czJo+5BLpAvFRLHKS/sx7wJhBrtTrpXiMw22Rsqwa5Gmtu5HR6dhM1qAQ8c04zb5IyroKH54aut2tSF0D6YySTH01DpWzRIgGBRPKRDbnaWaTCHYQ1b7hHhC6rSwBW7agAqbZ19yY/SEzk2aLKhB+evSCQSQCcQ/2lFHBfuoUumSgZA==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 10 Apr 2023 13:30:10 -0000
Received: by ary.qy (Postfix, from userid 501) id 8422FBEC5568; Mon, 10 Apr 2023 09:30:10 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 02283BEC554A; Mon, 10 Apr 2023 09:30:09 -0400 (EDT)
Date: Mon, 10 Apr 2023 09:30:09 -0400
Message-ID: <dc83751e-0a52-c9e2-fa9b-082ceea8c7f5@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Alessandro Vesely <vesely@tana.it>, dmarc@ietf.org
Cc: eric@infobro.com
X-X-Sender: johnl@ary.qy
In-Reply-To: <74f52cb3-e5fe-a78f-97c5-7b0cd53f1216@tana.it>
References: <20230408135930.B1F69BC829D7@ary.qy> <74f52cb3-e5fe-a78f-97c5-7b0cd53f1216@tana.it>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/76Bek-5eOqNNenChNxJt0SxNgEk>
Subject: Re: [dmarc-ietf] THIS IS ABUSE (it might be)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2023 13:30:19 -0000

On Mon, 10 Apr 2023, Alessandro Vesely wrote:
> On Sat 08/Apr/2023 15:59:30 +0200 John Levine wrote:
>> It appears that Eric D. Williams  <eric@infobro.com> said:
>>> -=-=-=-=-=-
>>> 
>>> I think the reliance upon list operators is properly placed on that role. 
>>> It's not a DMARC problem, it's a DKIM problem, I think.
>> 
>> No, it's a DMARC problem. DKIM didn't cause any problems for mailing lists 
>> (ignoring ill-advised and never used ADSP) until DMARC was layered on top 
>> of it, and AOL and Yahoo abused it to foist the support costs on the rest 
>> of the world after they let crooks steal their users' address books.
>
> That's how it happened.  Can we now accept their push?  After so many email 
> addresses became public, how about accepting that email addresses being 
> public doesn't have to imply that anyone can impersonate them?

No, that's not what happened.  People had been faking AOL and Yahoo 
addresses forever and the providers dealt with it.  The problem was that 
spammers used the stolen address books to send spam from the addresses of 
people the recipients knew, and they were flooded with complaints "why are 
my friends spamming me."  It's entirely the fault of those providers' 
poor security.

Re impersonating, until DMARC can tell the difference between 
impersonation and the kinds of ordinary forwarding we've been doing since 
the 1980s, nope.

R's,
John

v2.23.0 | Report a Bug | By Email