Re: [dmarc-ietf] Email security beyond DMARC?

"Doug Foster" <fosterd@bayviewphysicians.com> Tue, 19 March 2019 18:25 UTC

Return-Path: <btv1==981b339ecf5==fosterd@bayviewphysicians.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D124F131235 for <dmarc@ietfa.amsl.com>; Tue, 19 Mar 2019 11:25:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bayviewphysicians.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id G9ODpyV7z21S for <dmarc@ietfa.amsl.com>; Tue, 19 Mar 2019 11:25:22 -0700 (PDT)
Received: from mail.bayviewphysicians.com (mail.bayviewphysicians.com [216.54.111.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F19B8131260 for <dmarc@ietf.org>; Tue, 19 Mar 2019 11:25:21 -0700 (PDT)
X-ASG-Debug-ID: 1553019920-099057763414bd50001-K2EkT1
Received: from webmail.bayviewphysicians.com (smartermail4.bayviewphysicians.com [192.168.1.49]) by mail.bayviewphysicians.com with ESMTP id lr1AyNWUlmSZgK2W (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Tue, 19 Mar 2019 14:25:20 -0400 (EDT)
X-Barracuda-Envelope-From: fosterd@bayviewphysicians.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.1.49
X-ASG-Whitelist: Client
X-SmarterMail-Authenticated-As: fosterd@bayviewphysicians.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bayviewphysicians.com; s=s1025; h=content-type:mime-version:message-id:date:subject:to:from; bh=KQO3E/XcAsVyzL7B0J2EG9KJd1rqR8AJwm2HxDFYdhI=; b=L7rCjSwLvf6zIJSOeG0OhJCY0afErYHJuzPcPX5jBbYFAOfP06P+DxsJQH96D7nZP mkHepW888DrYq4hRQpX/uicTVpaTwPVNTacj70tGP9m2OYVyAAg7VL3SxXVHuDqHu bS8OIDIqpZ0UK2gc26ZQLEuLK6bf38J5ql5BA1RlM=
Received: from MSA189 (MSA-189.BayviewPhysicians.com [192.168.2.94]) by webmail.bayviewphysicians.com with SMTP (version=TLS\Tls12 cipher=Aes256 bits=256); Tue, 19 Mar 2019 14:25:13 -0400
From: "Doug Foster" <fosterd@bayviewphysicians.com>
X-Barracuda-RBL-IP: 192.168.2.94
To: "'DAMY gustavo'" <gustavo.DAMY@upu.int>, <dmarc@ietf.org>
Cc: "'Bernie Hoeneisen'" <bernie@ietf.hoeneisen.ch>
References: <1dc451a973a8443a87d37b6e5c41fe38@bayviewphysicians.com> <alpine.DEB.2.20.1903181355520.5419@softronics.hoeneisen.ch> <90b936ec488f41108bc4e528eb7933f6@PEXC01.upu.ch>
In-Reply-To: <90b936ec488f41108bc4e528eb7933f6@PEXC01.upu.ch>
Date: Tue, 19 Mar 2019 14:25:14 -0400
X-ASG-Orig-Subj: RE: [dmarc-ietf] Email security beyond DMARC?
Message-ID: <002a01d4de81$18ac27b0$4a047710$@bayviewphysicians.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJmenrxqi/qc1CC2lkp6UWa01arRwL8vst8AWe2KCqkzOiiMA==
Content-Language: en-us
X-Exim-Id: 002a01d4de81$18ac27b0$4a047710$
X-Barracuda-Connect: smartermail4.bayviewphysicians.com[192.168.1.49]
X-Barracuda-Start-Time: 1553019920
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Barracuda-URL: https://mail.bayviewphysicians.com:443/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at bayviewphysicians.com
X-Barracuda-Scan-Msg-Size: 2306
X-Barracuda-BRTS-Status: 1
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/MS9xk-EI75XC69hjCNeMvq4XNLA>
Subject: Re: [dmarc-ietf] Email security beyond DMARC?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2019 18:29:51 -0000

Can one of you elaborate on the potential connection between PeP and DMARC,
or more generally, the connection beteen PeP and spam filtering? 

-----Original Message-----
From: dmarc [mailto:dmarc-bounces@ietf.org] On Behalf Of DAMY gustavo
Sent: Tuesday, March 19, 2019 2:03 PM
To: dmarc@ietf.org
Cc: Bernie Hoeneisen
Subject: Re: [dmarc-ietf] Email security beyond DMARC?

Very useful links Bernie, thanks for the info.
I wonder if this working group will eventually will make reference  to the
concept of PeP  protocol to reinforce the usage of DMARC  you are mentioning
below? 

Best Regards
Gustavo Damy


-----Original Message-----
From: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>
Sent: Monday, March 18, 2019 1:58 PM
To: Douglas E. Foster <fosterd@bayviewphysicians.com>
Cc: dmarc@ietf.org
Subject: Re: [dmarc-ietf] Email security beyond DMARC?

Hi Doug

On Sat, 16 Mar 2019, Douglas E. Foster wrote:

> I tried to understand what IETF is doing about email security, and 
> this working group seems to be the only surviving effort.  Based on 
> the index, the groups attention is focused on polishing the existing 
> DMARC implementaton rather than plowing new territory.  Given the 
> devastating effect of WannaCry and the success of other email-based 
> attacks, I think our work is far from finished.

You may want to have a look on some upcoming work. We just started a new
mailing list, which includes the topic of email security:

  MEDUP -- Missing Elements for Decentralized and Usable Privacy

To subscribe:

- https://www.ietf.org/mailman/listinfo/medup

Please find more information on:

- https://mailarchive.ietf.org/arch/msg/medup/mbrbhFekt_srXShzpCa4RiXgPbY

- https://mailarchive.ietf.org/arch/msg/pearg/oBjgAwG3_eoR6tpLQGTE_9OggzQ

The former also includes a list of Internet-Drafts describing the MEDUP
challenges.


Please be also informated that the LAMPS WG has requested a new work item on
email header protection to be added to its charter.


Hope that helps!

Best,
  Bernie

--

http://ucom.ch/
Modern Telephony Solutions and Tech Consulting for Internet Technology


_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc