IETF Logo Mail Archive

Re: [dmarc-ietf] THIS IS ABUSE (it might be)

Scott Kitterman <sklist@kitterman.com> Fri, 07 April 2023 20:24 UTC

Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 658D1C1524B4 for <dmarc@ietfa.amsl.com>; Fri, 7 Apr 2023 13:24:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b="AGXo+azU"; dkim=pass (2048-bit key) header.d=kitterman.com header.b="Lyz2tXKC"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IzzNTjnMT-d2 for <dmarc@ietfa.amsl.com>; Fri, 7 Apr 2023 13:24:19 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [IPv6:2604:a00:6:1039:225:90ff:feaa:b169]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 33881C1522C2 for <dmarc@ietf.org>; Fri, 7 Apr 2023 13:24:18 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id 5DD38F8027B; Fri, 7 Apr 2023 16:24:06 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1680899031; h=date : from : to : subject : in-reply-to : references : message-id : mime-version : content-type : content-transfer-encoding : from; bh=fZh4Oj6llJcu/NQwFRHPj8JY5Bzf8+52KUS/BwUZI5w=; b=AGXo+azUepUHvXtuQuIcKcqgtWR5ZBQwM/XXi6sImIkjT8RGDqXEHa0WNksauR31vwy9E Mwoud/xgmmyOz9xDA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1680899031; h=date : from : to : subject : in-reply-to : references : message-id : mime-version : content-type : content-transfer-encoding : from; bh=fZh4Oj6llJcu/NQwFRHPj8JY5Bzf8+52KUS/BwUZI5w=; b=Lyz2tXKCupWz3AXGZ8nkt++WD/4rO4ASNlOmqRr3LFxRTjxFcZDjgPNEvSB1wrSkXEkqn TE6oeXWnfo9gIlpCBCXlLuqxp4FKS9+vO5SzleCN7HJyrS1zUAbVRuCMShpGf2XxyWry0P9 VtaowlwJYm/kYGj7KjON4f7A2naqOTQjk8y0gzdMwYkeunjv9JZkhHk7JlOYBAz1qrYhXHT ex83SiV/fbQ03PfJrXjgjFRZPjmtuvKi9uyS92OajN37Wff3eBvZqHMYgsdBcJc70HvQK6F s65AOmoabBozehe1/Wby90UFERh94nvBtqY+ZiKWPqjbifvkrJ7e41YNmxMQ==
Received: from [127.0.0.1] (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTPSA id C9B17F80082; Fri, 7 Apr 2023 16:23:51 -0400 (EDT)
Date: Fri, 07 Apr 2023 20:23:48 +0000
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
In-Reply-To: <54d18f40-636a-aa78-a301-5ad00868f17a@tana.it>
References: <MN2PR11MB43519A6CD95E5C80AA1EC2CFF7899@MN2PR11MB4351.namprd11.prod.outlook.com> <82BA61C2-8A68-4CD7-ABCC-8E7BD19C7F68@kitterman.com> <54d18f40-636a-aa78-a301-5ad00868f17a@tana.it>
Message-ID: <8898686F-429F-4166-8C05-3A554FB0ABFF@kitterman.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/BdfpD8YoB6NSPE9Nik0m7CeH7j0>
Subject: Re: [dmarc-ietf] THIS IS ABUSE (it might be)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Apr 2023 20:24:23 -0000


On April 7, 2023 6:43:33 PM UTC, Alessandro Vesely <vesely@tana.it> wrote:
>It is going to be problematic to kick off someone who impersonates different users.  What do you do, block IP numbers?
>
>We keep on saying that mailing list have worked this way for decades.  Sure. And email in general has been working for decades before the need to use authentication arose.  So we can bet that people using MLs is highly selected and well behaved... but is that true?  Wouldn't a jester be able to completely disrupt our work by heavily repeating impersonations to the point that we'll be forced to restrict to Github tools to discuss our drafts?  I wouldn't bet...
>
>Some time ago I proposed a p=mlm-validate[*] telling receivers to reject on failure only if they are a mailing list or similar forwarder.  I thought that would cause minimal disruption since such kind of posts most of the times reach destination in one hop —akin to transactional stuff— and a poster who gets a bounce can quickly retry.  Such kind of tool would eliminate impersonation chances.
>
>An obvious truth is that we cannot publish a successful protocol if we ourselves see no reason to make any use of it.

To the extent managing mailing list subscriber abuse is a problem, it's not a DMARC problem.

The IETF has had problems with sock puppets before and managed to address them.

Scott K

v2.23.0 | Report a Bug | By Email