IETF Logo Mail Archive

Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

Michael Thomas <mike@mtcc.com> Tue, 05 January 2021 19:34 UTC

Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA8903A11E8 for <dmarc@ietfa.amsl.com>; Tue, 5 Jan 2021 11:34:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.013
X-Spam-Level:
X-Spam-Status: No, score=-2.013 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, NICE_REPLY_A=-0.262, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SpmrHQokivjx for <dmarc@ietfa.amsl.com>; Tue, 5 Jan 2021 11:34:44 -0800 (PST)
Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FDE73A11F7 for <dmarc@ietf.org>; Tue, 5 Jan 2021 11:34:43 -0800 (PST)
Received: by mail-pl1-x634.google.com with SMTP id j1so278618pld.3 for <dmarc@ietf.org>; Tue, 05 Jan 2021 11:34:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=g/LN+TDnZWIWrkIqnHLD5UwxFzgS+lRir+XqOHJVOnY=; b=lubPX8xDUzN810lGNOkBMPW7oRKkEgtmJJZCeq9ze0ybIF3BM+aW8gMnYBDMbbnzN7 Mn+2MVfLCc2IhlCtZOe/fmPH3M8cG7rSUtxWS170Dr0sm29ozIZT0Mydh0vEnASMOB09 lBrdGjC19S9A1uVHNw10NohGkKqWVQxPLWJvM9RY035PBUzOy/9BHM2MiPItMIksQV9k eoqHXYL7Udcynh7Kjd0rvSMZ7FICD7qAP4AcrZScoa5z0v52d93Es3gJZskWlWBWrULs Pn88q5eQ7fZOHXUYFYIcyXRzTIM2Qh8PIUYShxgBDRJCEKm6YCMO2908Wv9BLBpoY5Zm B4mQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=g/LN+TDnZWIWrkIqnHLD5UwxFzgS+lRir+XqOHJVOnY=; b=oTixgw4UlmwCokgeDGklmO6PtJgxqfnmope2Z0m4S3HSskpxPp0b975QG3XNtdF5ET WGh8ocJTCMia+BS+A6F7j7qCzG6iSDIc6k2xaBo987sBkrNz04PdFQx7vKXDa5fWGWB7 NuoLwHb6aHgzUjAfGli/yUocuof7vfK6SrZXV/s9ehPt08zu3VTR6UdXS5AgVnB8TMWq E9agcgDdTa+M268AqHyl3MXjTFv8TxuQL/Gc/udxh4buFQvDnLya8LJ8DZr1hAq4vNhq Ki/SIUmJ1ns/PoFDr/aL+AI8yVub9TX7TeL0XesAp9qWKQbD88oREvaxOsdLSzH4tAqg LhvQ==
X-Gm-Message-State: AOAM531HyIRpPgpdPfI4ad5VCeGrEmNH25ZDEM4bcfo60GSwd0ZGoNIC fnVMfCnLImW3pF30vIbbpm2UI2hHCOnjDQ==
X-Google-Smtp-Source: ABdhPJwMadNrU/92awcxuH3sWR/sJ6Vokse7XRvkY5IMtAu0n/0FiJe7VSeKirM1Y2kdO4N112kMXw==
X-Received: by 2002:a17:90a:414d:: with SMTP id m13mr693951pjg.229.1609875283022; Tue, 05 Jan 2021 11:34:43 -0800 (PST)
Received: from mike-mac.lan (107-182-39-88.volcanocom.com. [107.182.39.88]) by smtp.gmail.com with ESMTPSA id gk4sm10168pjb.57.2021.01.05.11.34.42 for <dmarc@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 05 Jan 2021 11:34:42 -0800 (PST)
To: dmarc@ietf.org
References: <20210104174623.2545154CFF9F@ary.qy> <FD45F9FC-46B0-40A9-ADC6-DDD7650D62F2@bluepopcorn.net> <ae77d9f-6f63-16ca-903a-7cb463a7b58d@taugh.com> <CABuGu1o2t7WaEOh+nsx3_MRUGgGHqKHzQ9302FM9-HL0GxvJvA@mail.gmail.com> <f15c8f53-8075-99a1-83c7-f687200e6a94@gmail.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <f640ee95-ba0a-6aa7-1a14-2af1db151e27@mtcc.com>
Date: Tue, 05 Jan 2021 11:34:41 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <f15c8f53-8075-99a1-83c7-f687200e6a94@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/GdkJANVhUTO5d2yBb1BDlsYxaQA>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jan 2021 19:34:52 -0000

On 1/5/21 11:22 AM, Dave Crocker wrote:
>
> From: header field rewriting demonstrates that DMARC is, indeed, 
> trivial to defeat (or rather, to route around.)  Also, receiver 
> filtering engines are all that matter.  Real-time actions by 
> recipients are demonstrably irrelevant to DMARC (and all other 
> anti-abuse) utility.
>
That's not the conclusion of the paper that Doug Foster linked to the 
other day. It showed that visual indicators statistically helped. The 
biggest problem was the low deployment rate of DMARC from what I can 
tell from the paper. Everybody here should read that paper IMO.

When I first came back and saw the From rewriting I was very confused by 
what it was until I figured out what was going on. If it were directly 
sent to me I would definitely be suspicious. But Thunderbird shows the 
entire email address when you view it, unlike some of the crappy MUA's 
out there. What we should be agitating for is better MUA's in general 
that care about security. Not IETF, obviously, but the email community 
at large.

Mike

v2.23.0 | Report a Bug | By Email