Re: [dmarc-ietf] Composition Kills: A Case Study of Email Sender Authentication
"Kurt Andersen (b)" <kboth@drkurt.com> Tue, 21 April 2020 18:12 UTC
Return-Path: <kurta@drkurt.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98B943A0949 for <dmarc@ietfa.amsl.com>; Tue, 21 Apr 2020 11:12:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=drkurt.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 29NNfaMpkz30 for <dmarc@ietfa.amsl.com>; Tue, 21 Apr 2020 11:12:08 -0700 (PDT)
Received: from mail-il1-x12b.google.com (mail-il1-x12b.google.com [IPv6:2607:f8b0:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 800A83A0942 for <dmarc@ietf.org>; Tue, 21 Apr 2020 11:12:07 -0700 (PDT)
Received: by mail-il1-x12b.google.com with SMTP id w6so9943773ilg.1 for <dmarc@ietf.org>; Tue, 21 Apr 2020 11:12:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=drkurt.com; s=20130612; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=PPRUD0Rsy17eLdouzK/wKCCGN8abaOLGf9QKLCZJMno=; b=Huw7oni4726rarb9r7x9kVDeTMv2/cQN9iar4xnrMXVkm7kqQnRfZ5H1K+fQMxCKL4 9Xe/RDncXKS7toK3wVunGHhq839EcIIzwNqeURzOj4Oi+nknkpbzKJOd4XKGJVb07B9W Pd07KRK9p06npBsufachg4HPn4Yzy6Tz3+mZE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=PPRUD0Rsy17eLdouzK/wKCCGN8abaOLGf9QKLCZJMno=; b=EcOzGSpcj4lE4r6N0TrHjVEkQXsB2tvMPNvrBxJAAemFwp7ZB35DLhM2ZHkjIPf+GC yUtyTiHpxCXLhcnKsMJDw5JVpvHn1x6SdDc7kkTNeZ4frMm9Umkk3/KHc8tDKOpTyYpy dSqJA0SGpAUPvbYMsPmWrBFVWZGGtZCQKKyHfkCP1kBgUVZLduJq+XOg6PSpQSDYdo7M 6RKrBkfDGobk+sHuE99tsCUqSUaSTmfXeNFa699lqbF/7Hw+8naPcrBHmXEPq2MDEAeu TAKlRsOpxzLiJys4uPvshqclFVTeuVWblEAu/iL8vxUcBIud79/UPpUirHMDGiPX7yc6 JYwA==
X-Gm-Message-State: AGi0PuYEgGm2w4O9ZAj9ZMYDhQswa/SW3cRfeFOr0mwTlC+mrXwELapO i86Sl8pl8wfOC9wz1RB1H2GpxYfiw4fDD3YVRTP1oCAO/Rwhyw==
X-Google-Smtp-Source: APiQypJlPGCN2RArMazBLXcYjESQzdOwUvFBlcibgGO85grK0J/ZE+iUZ8+DksZxgEf3wz9K/zulIlFJ8z/QwaWfIJI=
X-Received: by 2002:a92:d44b:: with SMTP id r11mr21818222ilm.120.1587492726276; Tue, 21 Apr 2020 11:12:06 -0700 (PDT)
MIME-Version: 1.0
References: <2656238.kvSPeydUtl@sk-desktop>
In-Reply-To: <2656238.kvSPeydUtl@sk-desktop>
From: "Kurt Andersen (b)" <kboth@drkurt.com>
Date: Tue, 21 Apr 2020 11:11:47 -0700
Message-ID: <CABuGu1r1Yv5SdjErvicEVpd90Wg6SznDp1K58Pjz-9PXCy-ghA@mail.gmail.com>
To: Scott Kitterman <scott@kitterman.com>
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000008b3a505a3d0f406"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/B7X1ZLdjLA-7gd49gwUntSuqpLM>
Subject: Re: [dmarc-ietf] Composition Kills: A Case Study of Email Sender Authentication
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Apr 2020 18:12:12 -0000
Extracting from the abstract of a paper in process by Casey Deccio (now researching SPF at BYU, formerly at Cisco): Our techniques elicit SPF and DMARC validation activity of the servers, > while minimizing spam and perceived abuse. We find that only 25% of mail > servers and less than half of domains deploy SPF validation. Of domains > that perform SPF validation, 7.6% exhibit inconsistent validation behavior > across mail servers. We also find that 75% of organizations with mail > servers for popular domains share DNS infrastructure with up to tens of > thousands of others. Most of his focus has been on SPF but it would be useful to loop him into the DMARCbis discussions. --Kurt On Tue, Apr 21, 2020 at 9:11 AM Scott Kitterman <scott@kitterman.com> wrote: > There is probably protocol improvement work that should be done based on: > > https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf > > Scott K > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
- [dmarc-ietf] Composition Kills: A Case Study of E… Scott Kitterman
- Re: [dmarc-ietf] Composition Kills: A Case Study … Kurt Andersen (b)
- Re: [dmarc-ietf] Composition Kills: A Case Study … John Levine
- Re: [dmarc-ietf] Composition Kills: A Case Study … Dave Crocker
- Re: [dmarc-ietf] Composition Kills: A Case Study … Scott Kitterman
- Re: [dmarc-ietf] Composition Kills: A Case Study … John Levine
- Re: [dmarc-ietf] Composition Kills: A Case Study … Juri Haberland
- Re: [dmarc-ietf] Composition Kills: A Case Study … ned+dmarc