IETF Logo Mail Archive

Re: [dmarc-ietf] Is From spoofing an interoperability issue or not?

John Levine <johnl@taugh.com> Thu, 20 April 2023 15:38 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3EE67C14CF18 for <dmarc@ietfa.amsl.com>; Thu, 20 Apr 2023 08:38:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.847
X-Spam-Level:
X-Spam-Status: No, score=-6.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="JpXjVvxf"; dkim=pass (2048-bit key) header.d=taugh.com header.b="Jl8WVSeO"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SDODbNWaJ9hN for <dmarc@ietfa.amsl.com>; Thu, 20 Apr 2023 08:38:00 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D15BC1522CB for <dmarc@ietf.org>; Thu, 20 Apr 2023 08:37:31 -0700 (PDT)
Received: (qmail 79899 invoked from network); 20 Apr 2023 15:37:28 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=13819.64415c38.k2304; bh=FQU+UwvLllV6HhoM0WdzIQGmki6aHY3YrYtLtovOm0w=; b=JpXjVvxf4rahrIrsu8nqJm3LrBVmRUe2/RFpuho7bIhR6He/5vynWR4MY8rgAEfUvfiuVzp2BURNbw+nJvpExsacsAZyHeVV9BoMqrvOBW4+5cHS8JsFDHgN1aUlnaDhpEkTCLzuRPN4b9maM+ti/ou73y5GydWwd406gGHoL5/RjukmEgu/gEEbPxTnIzJ18UQEDciA29lyDFnd0ojRA06es180+hpYfPrBLhj8VzVcKhdqzjhpKu0I+ySq+Ty3ku+BY7RB7Kk+gdxFyGg2Bo39bu5iecPzIVlJWlMkM+cCmpuRSNsFC36KKCqBM9kvTFsD25aaaQ63Gc6RB6Xkhw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=13819.64415c38.k2304; bh=FQU+UwvLllV6HhoM0WdzIQGmki6aHY3YrYtLtovOm0w=; b=Jl8WVSeOX8LmramL6wpHWBCSyUuXzp/WbghVkEpbBB7FmbFwyBsQwnWMCkm9X1jzyoR8OFkPCmDj/OAXIZGdf+tom+JLLGAYJ0N8DroB5V/7Yv/GMEbZDzMp+pfn8PqFrLDcA65t9N6Rjic1FQUgx3DkQ2WVSvuLs0eWTrge9UTrNKdZx6eomvYmTrwCsGTxMhNnmEGuQjPjB5RUnu+y2u2FmIbfQOVB1ojXxiThTtmbgGoCSBM3FB3UnjV4n9ivq6lNqp+l3yzE86BS5A9bIDIusxBHOLH/lqX8r/+maB5bSIACLa/p+aWv1lncJOa+voehC7diBt9y1bv9t2/pnw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 20 Apr 2023 15:37:28 -0000
Received: by ary.qy (Postfix, from userid 501) id DB568C106CE9; Thu, 20 Apr 2023 11:37:27 -0400 (EDT)
Date: Thu, 20 Apr 2023 11:37:27 -0400
Message-Id: <20230420153727.DB568C106CE9@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: vesely@tana.it
In-Reply-To: <0abf9711-ca1c-bfcf-afb2-15e16b9de149@tana.it>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ItoDlncgDyP8cyQwWBV-exlaLws>
Subject: Re: [dmarc-ietf] Is From spoofing an interoperability issue or not?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Apr 2023 15:38:05 -0000

It appears that Alessandro Vesely  <vesely@tana.it> said:
>IMHO at least an appendix should say that if you can't do anything better you 
>have to rewrite From: with examples of legitimate display-phrase, expanding a 
>bit the first bullet in Section 11.4.  That can also be a good place to explain 
>the kind of damage DMARC causes.

Absolutely not. This sort of thing is utterly outside the scope of our
job and wasting time on it just further delays our already extremely
late work.

R's,
John

v2.23.0 | Report a Bug | By Email