Re: [dmarc-ietf] making mail not work for your users, was the endless mailing list silliness

"MH Michael Hammer (5304)" <MHammer@ag.com> Wed, 17 April 2013 22:00 UTC


> -----Original Message-----
> From: dmarc-bounces@ietf.org [mailto:dmarc-bounces@ietf.org] On Behalf
> Of J. Gomez
> Sent: Wednesday, April 17, 2013 4:56 PM
> To: dmarc@ietf.org
> Subject: Re: [dmarc-ietf] making mail not work for your users, was the
> endless mailing list silliness
> 
> On Wednesday, April 17, 2013 12:39 PM [GMT+1=CET], John Levine wrote:
> 
> > Perhaps we could try and think more clearly about providing service to
> > actual mail users and less about hypothetical spoofing attacks on
> > people who are not plausible spoof targets.
> 
> It's pretty clear by now that DMARC is not about protecting actual email
> users, but about protecting big brands from email spoofing their brand.
> 
> Regards,
> 
> J. Gomez
> 

Having seen the damage done to individuals clicking on those phishing or malware emails purporting to be from banks and other big brands, I strongly disagree with your statement, which appears somewhat dismissive. The further we can push the bad guys from being able to create and deliver fake emails that look like communications from organizations, the better off we all are. It doesn't necessarily solve the issue of fake emails claiming to be from individuals at other types of domains, but then individuals aren't likely to have a legitimate reason to ask you to log into "your" bank portal and provide credentials.

Using strong email authentication, malicious site takedowns and other approaches, we have significantly reduced the risk for people who receive email that claims to be from our sites. Do we benefit? Of course we do. But failing to recognize the benefit to individual people is extremely short-sighted. I would argue that organizations not making these sorts of efforts are doing a disservice to their customers and the community at large.

The fact that SPF/DKIM/DMARC do not address every problem under the sun does not mean that these authentication approaches aren't useful in protecting end users.

Mike