Re: [dmarc-ietf] Email security beyond DMARC?

"Doug Foster" <> Tue, 19 March 2019 18:25 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D124F131235 for <>; Tue, 19 Mar 2019 11:25:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id G9ODpyV7z21S for <>; Tue, 19 Mar 2019 11:25:22 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id F19B8131260 for <>; Tue, 19 Mar 2019 11:25:21 -0700 (PDT)
X-ASG-Debug-ID: 1553019920-099057763414bd50001-K2EkT1
Received: from ( []) by with ESMTP id lr1AyNWUlmSZgK2W (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Tue, 19 Mar 2019 14:25:20 -0400 (EDT)
X-ASG-Whitelist: Client
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=s1025; h=content-type:mime-version:message-id:date:subject:to:from; bh=KQO3E/XcAsVyzL7B0J2EG9KJd1rqR8AJwm2HxDFYdhI=; b=L7rCjSwLvf6zIJSOeG0OhJCY0afErYHJuzPcPX5jBbYFAOfP06P+DxsJQH96D7nZP mkHepW888DrYq4hRQpX/uicTVpaTwPVNTacj70tGP9m2OYVyAAg7VL3SxXVHuDqHu bS8OIDIqpZ0UK2gc26ZQLEuLK6bf38J5ql5BA1RlM=
Received: from MSA189 ( []) by with SMTP (version=TLS\Tls12 cipher=Aes256 bits=256); Tue, 19 Mar 2019 14:25:13 -0400
From: "Doug Foster" <>
To: "'DAMY gustavo'" <>, <>
Cc: "'Bernie Hoeneisen'" <>
References: <> <> <>
In-Reply-To: <>
Date: Tue, 19 Mar 2019 14:25:14 -0400
X-ASG-Orig-Subj: RE: [dmarc-ietf] Email security beyond DMARC?
Message-ID: <002a01d4de81$18ac27b0$4a047710$>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJmenrxqi/qc1CC2lkp6UWa01arRwL8vst8AWe2KCqkzOiiMA==
Content-Language: en-us
X-Exim-Id: 002a01d4de81$18ac27b0$4a047710$
X-Barracuda-Start-Time: 1553019920
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Virus-Scanned: by bsmtpd at
X-Barracuda-Scan-Msg-Size: 2306
X-Barracuda-BRTS-Status: 1
Archived-At: <>
Subject: Re: [dmarc-ietf] Email security beyond DMARC?
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 19 Mar 2019 18:29:51 -0000

Can one of you elaborate on the potential connection between PeP and DMARC,
or more generally, the connection beteen PeP and spam filtering? 

-----Original Message-----
From: dmarc [] On Behalf Of DAMY gustavo
Sent: Tuesday, March 19, 2019 2:03 PM
Cc: Bernie Hoeneisen
Subject: Re: [dmarc-ietf] Email security beyond DMARC?

Very useful links Bernie, thanks for the info.
I wonder if this working group will eventually will make reference  to the
concept of PeP  protocol to reinforce the usage of DMARC  you are mentioning

Best Regards
Gustavo Damy

-----Original Message-----
From: Bernie Hoeneisen <>
Sent: Monday, March 18, 2019 1:58 PM
To: Douglas E. Foster <>
Subject: Re: [dmarc-ietf] Email security beyond DMARC?

Hi Doug

On Sat, 16 Mar 2019, Douglas E. Foster wrote:

> I tried to understand what IETF is doing about email security, and 
> this working group seems to be the only surviving effort.  Based on 
> the index, the groups attention is focused on polishing the existing 
> DMARC implementaton rather than plowing new territory.  Given the 
> devastating effect of WannaCry and the success of other email-based 
> attacks, I think our work is far from finished.

You may want to have a look on some upcoming work. We just started a new
mailing list, which includes the topic of email security:

  MEDUP -- Missing Elements for Decentralized and Usable Privacy

To subscribe:


Please find more information on:



The former also includes a list of Internet-Drafts describing the MEDUP

Please be also informated that the LAMPS WG has requested a new work item on
email header protection to be added to its charter.

Hope that helps!


Modern Telephony Solutions and Tech Consulting for Internet Technology

dmarc mailing list