IETF Logo Mail Archive

Re: [dmarc-ietf] THIS IS ABUSE (it might be)

Douglas Foster <dougfoster.emailstandards@gmail.com> Fri, 07 April 2023 23:54 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 041DEC14F748 for <dmarc@ietfa.amsl.com>; Fri, 7 Apr 2023 16:54:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.094
X-Spam-Level:
X-Spam-Status: No, score=-7.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MoQ44xYsRvIW for <dmarc@ietfa.amsl.com>; Fri, 7 Apr 2023 16:54:36 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 30EFEC14F693 for <dmarc@ietf.org>; Fri, 7 Apr 2023 16:54:36 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id bd22so2632941ljb.5 for <dmarc@ietf.org>; Fri, 07 Apr 2023 16:54:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1680911673; x=1683503673; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=fv2qRejkvlRv9Ywa7gK3yPfvmq+o4Jo5sg/CilJHF8g=; b=ORtHDBRsvK+U1oMzL1oBqepUnwwX4Z2Up3sYXuvvxyfIgRQFgTmLAcxR0bhTbc6AaR ssToK30SVmdJaH0bX4YFXBai3IMWSr4NNm0Da7R8UeOQRr7Arvl0f8VQZNtXjc28IAFP /kM7H7h3ZmUN16hNa3Nk1VLed/ELtBs6yLv3AfEcNHYildcMppKWHu+5ylWkJE2nAinn a1L2MrxjHMsyz/KJzGQKP2ADQXzcyueT+DCP0STRTCl1g6rP4eRLPUJKSWOR/RtdMfrk Vf2LGJ1xd3i04AaTd9AZj5HmxTUwy+W6SvCcLASjnNuRueXLNQvca6W7JT40D3WXXbPo PLsQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680911673; x=1683503673; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=fv2qRejkvlRv9Ywa7gK3yPfvmq+o4Jo5sg/CilJHF8g=; b=lDCkuU8hY0wJAOj0GODIXzGzWVDlhkubawqGP88pbMZF5Dy1nBiPPbR4abCmCFG6XZ 1RLi73yDYW14GgsDaszVCCtnIbKhktwSvH5rRZk/5eMqA97eYqgfWdcoTrcx8/KRff9t ODXPy/nrvNYckSNS72Dz4z/XbT9D9nPpo3lv9tQdRWbGLbOi6S1dUzYN9tUP896fTrzj /1jR/DmSd4510x5zvqcIgsTebeF4OMV4wcnHaiou2F9XUoaEIbLxh03tWcAah04A/JEB fgFBS4qA2sUGOmXNmmkzy3NSEKOiB2WrjY0+U9VQ40w7/3WzuFtifyQyM/I3qlIK+Swi Zrtg==
X-Gm-Message-State: AAQBX9dKnhxAwEuHjL0j/wTKxwHk7HfWTrx+sxy6qyr5DdgA5vAefBJu Aj1xHNlu9+Cfz+F47C/aOjWnwzuU/P6F0iR7QM5ku6iR
X-Google-Smtp-Source: AKy350ZU5yBJ9kpDU5Jsv7hcWZpAMEe4ER10c7qjRoClx/crVPoYdEKZRVDXmlEecluOKH2m6AysPu5E6ormRj39120=
X-Received: by 2002:a2e:88c1:0:b0:299:a9db:95 with SMTP id a1-20020a2e88c1000000b00299a9db0095mr955137ljk.1.1680911672897; Fri, 07 Apr 2023 16:54:32 -0700 (PDT)
MIME-Version: 1.0
References: <MN2PR11MB43519A6CD95E5C80AA1EC2CFF7899@MN2PR11MB4351.namprd11.prod.outlook.com> <82BA61C2-8A68-4CD7-ABCC-8E7BD19C7F68@kitterman.com> <54d18f40-636a-aa78-a301-5ad00868f17a@tana.it> <8898686F-429F-4166-8C05-3A554FB0ABFF@kitterman.com>
In-Reply-To: <8898686F-429F-4166-8C05-3A554FB0ABFF@kitterman.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Fri, 07 Apr 2023 19:54:21 -0400
Message-ID: <CAH48ZfwH44nXntNEycDLxO8MbZ-pdwAbQWVZs9Kmn+BYsTp__A@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002975d705f8c7bfdf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ALgHOUOYzTeuUyFfNqLa8IyNRdQ>
Subject: Re: [dmarc-ietf] THIS IS ABUSE (it might be)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Apr 2023 23:54:40 -0000

Scott's approach solves our longest-running argument, but not in the way
that I expected.    We can embrace his approach with a single Security
Consideration to this effect:

"Mailing lists are frequently characterized by operating practices that
depend on security through obscurity rather than Sender Authentication.
 Identifier rewrite may be used as necessary to evade detection of weak
Sender Authentication practices.   While exceptions doubtless exist,
determining the trustworthiness of messages from any particular mailing
list is difficult, and beyond the scope of this document.   Participation
risk should be taken into account when subscribing to a mailing list and
accepting incoming messages from a list."

However, this type of truthfulness does not seem to be what the charter
document intended.

Doug Foster



On Fri, Apr 7, 2023 at 4:24 PM Scott Kitterman <sklist@kitterman.com> wrote:

>
>
> On April 7, 2023 6:43:33 PM UTC, Alessandro Vesely <vesely@tana.it> wrote:
> >It is going to be problematic to kick off someone who impersonates
> different users.  What do you do, block IP numbers?
> >
> >We keep on saying that mailing list have worked this way for decades.
> Sure. And email in general has been working for decades before the need to
> use authentication arose.  So we can bet that people using MLs is highly
> selected and well behaved... but is that true?  Wouldn't a jester be able
> to completely disrupt our work by heavily repeating impersonations to the
> point that we'll be forced to restrict to Github tools to discuss our
> drafts?  I wouldn't bet...
> >
> >Some time ago I proposed a p=mlm-validate[*] telling receivers to reject
> on failure only if they are a mailing list or similar forwarder.  I thought
> that would cause minimal disruption since such kind of posts most of the
> times reach destination in one hop —akin to transactional stuff— and a
> poster who gets a bounce can quickly retry.  Such kind of tool would
> eliminate impersonation chances.
> >
> >An obvious truth is that we cannot publish a successful protocol if we
> ourselves see no reason to make any use of it.
>
> To the extent managing mailing list subscriber abuse is a problem, it's
> not a DMARC problem.
>
> The IETF has had problems with sock puppets before and managed to address
> them.
>
> Scott K
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email