Re: [dmarc-ietf] Reversing modifications from mailing lists
Alessandro Vesely <vesely@tana.it> Thu, 02 December 2021 11:52 UTC
Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5ECA03A1070 for <dmarc@ietfa.amsl.com>; Thu, 2 Dec 2021 03:52:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.95
X-Spam-Level:
X-Spam-Status: No, score=-3.95 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-1.852, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=tana.it header.b=41FEzTSE; dkim=pass (1152-bit key) header.d=tana.it header.b=CVN4LLgd
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QOQfCXLTCr_R for <dmarc@ietfa.amsl.com>; Thu, 2 Dec 2021 03:52:34 -0800 (PST)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 197713A1072 for <dmarc@ietf.org>; Thu, 2 Dec 2021 03:52:31 -0800 (PST)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=tana.it; s=epsilon; t=1638445945; bh=ZLs8d5Sj+Pz/aq9zmxfGdGBsya25ccvo+WSD6w8k8PA=; h=Subject:To:References:From:Date:In-Reply-To; b=41FEzTSEp7TE01EE3H36lHgtRJw8stgayqHf3JWyx4n9fwI6cAs3PR2HLg8i0Gs9y hvZezkVJoWaO+HaxrwZCA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1638445945; bh=ZLs8d5Sj+Pz/aq9zmxfGdGBsya25ccvo+WSD6w8k8PA=; h=To:References:From:Date:In-Reply-To; b=CVN4LLgdQCEoTHuxnR7vk1GjPNVaU4ahlgB6mZy6FSi5vj/eA1mBzVLt0k+KN5WBU 6ioVzXtVE/yfQDjAB/S+hYkZgbgzWV5I+qHKA0xL3UKsWStC2vfN8pIcjy1+MMHNJ1 AzMj6zLzUM3aoWJp5r3ZRJ7jbh7v/82kJ49qcfJA+DTlKdEfuZdXNDcOiDEgd
Authentication-Results: tana.it; auth=pass (details omitted)
Original-From: Alessandro Vesely <vesely@tana.it>
Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC0BA.0000000061A8B379.00003EFB; Thu, 02 Dec 2021 12:52:25 +0100
To: John Levine <johnl@taugh.com>, dmarc@ietf.org
References: <20211201191030.72CD830D4C9E@ary.qy>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <dc58114f-ce2d-d945-98e4-f96d7c6fde7d@tana.it>
Date: Thu, 02 Dec 2021 12:52:23 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
MIME-Version: 1.0
In-Reply-To: <20211201191030.72CD830D4C9E@ary.qy>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/9-6vyjcqcNEZ5rYf3lfTHjtgKdk>
Subject: Re: [dmarc-ietf] Reversing modifications from mailing lists
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2021 11:52:42 -0000
On Wed 01/Dec/2021 20:10:30 +0100 John Levine wrote: > It appears that Alessandro Vesely <vesely@tana.it> said: >>I'm not clear about the last but one paragraph of that section: >> >> An example of such an attack includes altering the MIME structure, >> exploiting lax HTML parsing in the MUA, and defeating duplicate >> message detection algorithms. >> >>I'm going to file an errata about it. Altering the MIME structure is only >>possible if the value of l= is less than the original message length. > > I wish you hadn't. I think the original concern was for sloppy MIME that > forgot the -- after the last part. I hope such errors are not so common as to deserve some kind of standardization. >>Anyway, I wouldn't want to authenticate a message that underwent an HTML footer >>addition, because it can completely replace the original content in the end >>recipient's eyes. My draft requires footers to be plain text. > > Yet that's exactly what one of the largest discussion group services in the world did. > As I keep pointing out, this is like an UNCOL, it does not generalize enough to be useful. > > On the other hand, ARC handles this just fine. I, for one, am unable to use ARC as a receiver and authenticate messages that may well be spear phishing. So even though ARC can handle everything, it is not usable by everyone. In order to trust the authorship of a message from Yahoo groups you have to trust Yahoo, either expressing your trust in an ARC filter configuration file or directly whitelisting Yahoo groups in a DMARC filter. However, not all mailing lists need such special settings to authenticate their posters. There are mailing lists which make no changes, and ones which make revertible changes. Your objection sounds like you find that a lisp compiler is useless because it doesn't compile fortran, which is one of the most ubiquitous languages in the world. Two methods is better than one. Best Ale --
- [dmarc-ietf] Reversing modifications from mailing… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… John Levine
- Re: [dmarc-ietf] UNCOL and Reversing modification… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Douglas Foster
- Re: [dmarc-ietf] UNCOL and Reversing modification… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] UNCOL and Reversing modification… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] UNCOL and Reversing modification… Baptiste Carvello
- Re: [dmarc-ietf] UNCOL and Reversing modification… Douglas Foster
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… ned+dmarc
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Dave Crocker
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Scott Kitterman
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Benny Pedersen
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely