Re: [dmarc-ietf] ARC questions
John Levine <johnl@taugh.com> Sun, 22 November 2020 02:14 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 042573A0C3F for <dmarc@ietfa.amsl.com>; Sat, 21 Nov 2020 18:14:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.85
X-Spam-Level:
X-Spam-Status: No, score=-1.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=m/kjyELD; dkim=pass (2048-bit key) header.d=taugh.com header.b=ZMmf6Fq7
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jb7AjqlaYTja for <dmarc@ietfa.amsl.com>; Sat, 21 Nov 2020 18:14:21 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2DC273A0C38 for <dmarc@ietf.org>; Sat, 21 Nov 2020 18:14:20 -0800 (PST)
Received: (qmail 21600 invoked from network); 22 Nov 2020 02:14:18 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=545e.5fb9c97a.k2011; bh=52PlwGT2bfgBMl5uOKDGbvErcGpAKz6EPfw0rQyzHdU=; b=m/kjyELDcz+e3a3Uq3sjh2rTtSX8cZas4b6tZRUE9poKMgXT/JhXQ+X/ZZxvAw3RP5iEV7y5IOpAn1uIf5KUEHtnkbvWb5ufQH8/a5NVAuARCyjShMv/C8ZrQITjxejmpUlXCyLdaCX4BY+JBPMR7oF4dVIl0YopPgtcBXM3SPG/pYKP5M+MFJkC8DVvzvNPuoX8PH+8myrOlxfymVJO/sw0i4+T1FCTscNnlNLIStqakVYyzOVgncaSMpepqqK9p998la4OkXU5I/xlnuA+WW0A3AYpfh4R4AA9xrIAVorGji4kVO7vvRW4vDH/v8GcaME9hukTjLvQ02t4J62dCg==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=545e.5fb9c97a.k2011; bh=52PlwGT2bfgBMl5uOKDGbvErcGpAKz6EPfw0rQyzHdU=; b=ZMmf6Fq7X2Tr/OUrltzFZT/LlAZyK2lIOHRydbcgfXJEatryPyDssDKmXlUlfvYkiI1xeEbI93Up+gyhJ6PHIoz0rjfpTfuZKY5ywkW+YcZoiqPNAJWRhWtfIrDo55ImrllZCr046HdfNlhPISlwmLbR7Rvn/mnNU9xVMeeYEjxCdixLAngoaJvtiMZgVwa/Ni2cuSuCEsB32sZrGraQ/sMDZdLa7UADKxOUwps/hSb2BIrJdhDKaKx7G0b0Ooa8zG4jO+GG2UNiKz7nrjcKpj6eRajzA8qykXCbBn5mJwyMiwUyPMtAIiq+v7g3tlLZoH73QNssmSiwi80WzzdaPg==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 22 Nov 2020 02:14:18 -0000
Received: by ary.qy (Postfix, from userid 501) id B5E6E27B3E59; Sat, 21 Nov 2020 21:14:17 -0500 (EST)
Date: Sat, 21 Nov 2020 21:14:17 -0500
Message-Id: <20201122021417.B5E6E27B3E59@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: mike@mtcc.com
In-Reply-To: <dcc265f9-a143-5093-eba0-94ee059c7cc7@mtcc.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/L9P8J9PyWuIiugf5t7aoUsZrt78>
Subject: Re: [dmarc-ietf] ARC questions
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Nov 2020 02:14:23 -0000
In article <dcc265f9-a143-5093-eba0-94ee059c7cc7@mtcc.com> you write: >If I'm a receiver who is going to be making some filtering decisions >based on ARC, I see that it passed by some authenticator along the way >which is fine, but my question is why I should trust that intermediary >in general? The short answer is that you shouldn't, any more than you should trust random DKIM signatures. When people were designing ARC, it seemd overcomplicated to me. Large mail systems know where all the mailing lists are so why not just whitelist them and be done with it? The answer is that legit lists leak a lot of spam and it is common for a formerly well-behaved list to start spewing spam. Most lists do little filtering beyond verifying that the From: address is a subscriber, so when a spambot steals an address book that contains both the list address and some subscribers to that list, a lot of spam leaks through. ARC lets recipient systems do retroactive filtering that the forwarding system didn't. For example, although the overall error rate of rejecting mail due to SPF -all or DMARC p=reject can be high, on incoming mail to mailing lists both are quite reliable since the kind of forwarding that breaks them is rare in that context. If I ever get around to adding ARC checks to my filters, that's the sort of thing I'll be looking for. This also means that ARC isn't useful if you don't have a reputation system to tell you where the lists and other forwarders that might add legit ARC signatures are. There's been some handwaving about how we might come up with shared DNSWLs of mailing list hosts, but it hasn't happened yet. R's, John
- [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John Levine
- Re: [dmarc-ietf] ARC questions John Levine
- Re: [dmarc-ietf] ARC questions Kurt Andersen (b)
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Douglas E. Foster
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Douglas E. Foster
- Re: [dmarc-ietf] ARC questions Joseph Brennan
- Re: [dmarc-ietf] ARC questions Todd Herr
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Doug Foster
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Todd Herr
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John Levine
- Re: [dmarc-ietf] ARC questions John Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Dave Crocker
- Re: [dmarc-ietf] ARC questions John Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Seth Blank
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Douglas Foster
- Re: [dmarc-ietf] ARC questions Murray S. Kucherawy
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Murray S. Kucherawy
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Murray S. Kucherawy
- Re: [dmarc-ietf] ARC questions Alessandro Vesely
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John Levine
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions John R Levine
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Michael Thomas
- Re: [dmarc-ietf] ARC questions Benny Pedersen
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Brandon Long
- Re: [dmarc-ietf] ARC questions Michael Thomas