Re: [dmarc-ietf] UNCOL and Reversing modifications from mailing lists
Baptiste Carvello <devel@baptiste-carvello.net> Wed, 24 November 2021 20:54 UTC
Return-Path: <devel@baptiste-carvello.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F8253A0C1C for <dmarc@ietfa.amsl.com>; Wed, 24 Nov 2021 12:54:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.75
X-Spam-Level:
X-Spam-Status: No, score=-3.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-1.852, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A5g2AdU9Rau2 for <dmarc@ietfa.amsl.com>; Wed, 24 Nov 2021 12:54:51 -0800 (PST)
Received: from www210.your-server.de (www210.your-server.de [78.46.0.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D16183A0C1B for <dmarc@ietf.org>; Wed, 24 Nov 2021 12:54:49 -0800 (PST)
Received: from sslproxy02.your-server.de ([78.47.166.47]) by www210.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92.3) (envelope-from <devel@baptiste-carvello.net>) id 1mpzHt-0006cV-UV for dmarc@ietf.org; Wed, 24 Nov 2021 21:54:41 +0100
Received: from [2001:41d0:fe87:7000:494b:3fe:9ab5:6cf2] by sslproxy02.your-server.de with esmtpsa (TLSv1.3:TLS_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from <devel@baptiste-carvello.net>) id 1mpzHt-0003Jd-Q4 for dmarc@ietf.org; Wed, 24 Nov 2021 21:54:41 +0100
To: dmarc@ietf.org
References: <20211123203406.73152307DA83@ary.qy> <cb57d32d-038d-61f6-528c-d86d529fac10@tana.it>
From: Baptiste Carvello <devel@baptiste-carvello.net>
Message-ID: <0328a88e-7dcc-f7c6-9cfb-8c4f90a9afd0@baptiste-carvello.net>
Date: Wed, 24 Nov 2021 21:54:41 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0
MIME-Version: 1.0
In-Reply-To: <cb57d32d-038d-61f6-528c-d86d529fac10@tana.it>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Authenticated-Sender: webmaster@baptiste-carvello.net
X-Virus-Scanned: Clear (ClamAV 0.103.3/26363/Wed Nov 24 10:19:30 2021)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/GZjJI9PeT6KpBIn5yzQ_18DMxcY>
Subject: Re: [dmarc-ietf] UNCOL and Reversing modifications from mailing lists
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Nov 2021 20:54:55 -0000
Hi, Le 24/11/2021 à 12:00, Alessandro Vesely a écrit : > > ARC implies a reliable global reputation system, which only giant > providers can afford. Not necessarily. It only imply that the evaluator has some reason to consider acceptable that this particular message be handled by this particular forwarder. If, for example, the evaluator can know for sure that the author designated in the From field really sent a message to the forwarder immediately before the forwarded message came in, the probability that the message is genuine is much higher [1]. Beginning of this month, I proposed an idea to achieve just that. Cheers, Baptiste note [1]: indeed, the attack model then changes from "send a message with a faked From header" (easy) to "somehow have your target send you a genuine message so you can modify and forward it" (possible, but much harder, needs a targeted attack). Only high profile targets need to care about the second type of attack.
- [dmarc-ietf] Reversing modifications from mailing… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… John Levine
- Re: [dmarc-ietf] UNCOL and Reversing modification… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Douglas Foster
- Re: [dmarc-ietf] UNCOL and Reversing modification… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] UNCOL and Reversing modification… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] UNCOL and Reversing modification… Baptiste Carvello
- Re: [dmarc-ietf] UNCOL and Reversing modification… Douglas Foster
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… Wei Chuang
- Re: [dmarc-ietf] UNCOL and Reversing modification… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… ned+dmarc
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Dave Crocker
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Scott Kitterman
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… John Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely
- Re: [dmarc-ietf] Reversing modifications from mai… Wei Chuang
- Re: [dmarc-ietf] Reversing modifications from mai… John R Levine
- Re: [dmarc-ietf] Reversing modifications from mai… Benny Pedersen
- Re: [dmarc-ietf] Reversing modifications from mai… Murray S. Kucherawy
- Re: [dmarc-ietf] Reversing modifications from mai… Alessandro Vesely