Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
Michael Thomas <mike@mtcc.com> Tue, 05 January 2021 19:34 UTC
Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BA8903A11E8 for <dmarc@ietfa.amsl.com>; Tue, 5 Jan 2021 11:34:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.013
X-Spam-Level:
X-Spam-Status: No, score=-2.013 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, NICE_REPLY_A=-0.262, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SpmrHQokivjx for <dmarc@ietfa.amsl.com>; Tue, 5 Jan 2021 11:34:44 -0800 (PST)
Received: from mail-pl1-x634.google.com (mail-pl1-x634.google.com [IPv6:2607:f8b0:4864:20::634]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0FDE73A11F7 for <dmarc@ietf.org>; Tue, 5 Jan 2021 11:34:43 -0800 (PST)
Received: by mail-pl1-x634.google.com with SMTP id j1so278618pld.3 for <dmarc@ietf.org>; Tue, 05 Jan 2021 11:34:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=g/LN+TDnZWIWrkIqnHLD5UwxFzgS+lRir+XqOHJVOnY=; b=lubPX8xDUzN810lGNOkBMPW7oRKkEgtmJJZCeq9ze0ybIF3BM+aW8gMnYBDMbbnzN7 Mn+2MVfLCc2IhlCtZOe/fmPH3M8cG7rSUtxWS170Dr0sm29ozIZT0Mydh0vEnASMOB09 lBrdGjC19S9A1uVHNw10NohGkKqWVQxPLWJvM9RY035PBUzOy/9BHM2MiPItMIksQV9k eoqHXYL7Udcynh7Kjd0rvSMZ7FICD7qAP4AcrZScoa5z0v52d93Es3gJZskWlWBWrULs Pn88q5eQ7fZOHXUYFYIcyXRzTIM2Qh8PIUYShxgBDRJCEKm6YCMO2908Wv9BLBpoY5Zm B4mQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=g/LN+TDnZWIWrkIqnHLD5UwxFzgS+lRir+XqOHJVOnY=; b=oTixgw4UlmwCokgeDGklmO6PtJgxqfnmope2Z0m4S3HSskpxPp0b975QG3XNtdF5ET WGh8ocJTCMia+BS+A6F7j7qCzG6iSDIc6k2xaBo987sBkrNz04PdFQx7vKXDa5fWGWB7 NuoLwHb6aHgzUjAfGli/yUocuof7vfK6SrZXV/s9ehPt08zu3VTR6UdXS5AgVnB8TMWq E9agcgDdTa+M268AqHyl3MXjTFv8TxuQL/Gc/udxh4buFQvDnLya8LJ8DZr1hAq4vNhq Ki/SIUmJ1ns/PoFDr/aL+AI8yVub9TX7TeL0XesAp9qWKQbD88oREvaxOsdLSzH4tAqg LhvQ==
X-Gm-Message-State: AOAM531HyIRpPgpdPfI4ad5VCeGrEmNH25ZDEM4bcfo60GSwd0ZGoNIC fnVMfCnLImW3pF30vIbbpm2UI2hHCOnjDQ==
X-Google-Smtp-Source: ABdhPJwMadNrU/92awcxuH3sWR/sJ6Vokse7XRvkY5IMtAu0n/0FiJe7VSeKirM1Y2kdO4N112kMXw==
X-Received: by 2002:a17:90a:414d:: with SMTP id m13mr693951pjg.229.1609875283022; Tue, 05 Jan 2021 11:34:43 -0800 (PST)
Received: from mike-mac.lan (107-182-39-88.volcanocom.com. [107.182.39.88]) by smtp.gmail.com with ESMTPSA id gk4sm10168pjb.57.2021.01.05.11.34.42 for <dmarc@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 05 Jan 2021 11:34:42 -0800 (PST)
To: dmarc@ietf.org
References: <20210104174623.2545154CFF9F@ary.qy> <FD45F9FC-46B0-40A9-ADC6-DDD7650D62F2@bluepopcorn.net> <ae77d9f-6f63-16ca-903a-7cb463a7b58d@taugh.com> <CABuGu1o2t7WaEOh+nsx3_MRUGgGHqKHzQ9302FM9-HL0GxvJvA@mail.gmail.com> <f15c8f53-8075-99a1-83c7-f687200e6a94@gmail.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <f640ee95-ba0a-6aa7-1a14-2af1db151e27@mtcc.com>
Date: Tue, 05 Jan 2021 11:34:41 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <f15c8f53-8075-99a1-83c7-f687200e6a94@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/GdkJANVhUTO5d2yBb1BDlsYxaQA>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jan 2021 19:34:52 -0000
On 1/5/21 11:22 AM, Dave Crocker wrote: > > From: header field rewriting demonstrates that DMARC is, indeed, > trivial to defeat (or rather, to route around.) Also, receiver > filtering engines are all that matter. Real-time actions by > recipients are demonstrably irrelevant to DMARC (and all other > anti-abuse) utility. > That's not the conclusion of the paper that Doug Foster linked to the other day. It showed that visual indicators statistically helped. The biggest problem was the low deployment rate of DMARC from what I can tell from the paper. Everybody here should read that paper IMO. When I first came back and saw the From rewriting I was very confused by what it was until I figured out what was going on. If it were directly sent to me I would definitely be suspicious. But Thunderbird shows the entire email address when you view it, unlike some of the crappy MUA's out there. What we should be agitating for is better MUA's in general that care about security. Not IETF, obviously, but the email community at large. Mike
- [dmarc-ietf] Ticket #55 - Clarify legal and priva… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Seth Blank
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Kurt Andersen (b)
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Kurt Andersen (b)
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Tim Wicinski
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Todd Herr
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Todd Herr
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Tim Wicinski
- Re: [dmarc-ietf] reporting documents, Ticket #55 … John R Levine
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Tim Wicinski
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Seth Blank
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Michael Thomas
- Re: [dmarc-ietf] reporting documents, Ticket #55 … John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] reporting documents, Ticket #55 … Hector Santos
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] reporting documents, Ticket #55 … ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Todd Herr
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… ned+dmarc
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Jim Fenton
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Laura Atkins
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John R Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Laura Atkins
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Jim Fenton
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Paypal security confirm your password now
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Kurt Andersen (b)
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Jim Fenton
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Header Rewriting Laura Atkins
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Header Rewriting Laura Atkins
- Re: [dmarc-ietf] Header Rewriting Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Header Rewriting Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Header Rewriting Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dotzero
- Re: [dmarc-ietf] Header Rewriting Laura Atkins
- Re: [dmarc-ietf] Header Rewriting Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Michael Thomas
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker
- Re: [dmarc-ietf] Header Rewriting John Levine
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Header Rewriting Douglas Foster
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Alessandro Vesely
- Re: [dmarc-ietf] Header Rewriting Alessandro Vesely
- Re: [dmarc-ietf] Header Rewriting John Levine
- Re: [dmarc-ietf] Ticket #55 - Clarify legal and p… Dave Crocker