Re: [dmarc-ietf] ARC usage, was Call for Adoption: DMARC Use of the RFC5322.Sender Header Field

John Levine <johnl@taugh.com> Tue, 06 October 2020 20:41 UTC

Date: Tue, 06 Oct 2020 16:41:03 -0400
Message-Id: <20201006204103.636F62306628@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
Cc: jesse.thompson@wisc.edu
In-Reply-To: <fe197dd0-271e-b9a5-fb3d-ac9f51c008bf@wisc.edu>
Organization: Taughannock Networks
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/MnozbkstukR-JzriABJaS2mE_vw>

In article <fe197dd0-271e-b9a5-fb3d-ac9f51c008bf@wisc.edu> you write:
>> The bar for ARC to be usable is pretty low. It's not "doesn't send
>> spam" or even "knows who its users are." It's only "doesn't lie about
>> where mail came from."  I expect that in practice the usual DNSBLs
>> will be good enough.
>
>Is the assumption with ARC, when it reaches some point of "production" status, that intermediaries will be able to look themselves
>up in the usual DNSBLs to see if they are trusted so they know that they don't need to rewrite the From?

No, not at all. ARC puts a chain of signatures on a message, but the
final recipient can only verify the most recent one and has to trust
the previous ones for ARC to be useful. So is the chain real, or just
a bunch of garbage invented by spamware, like the long chains of
Received headers they used to add?

You only have to trust the most recent signer, since each link in the
chain says whether the prior links were valid and a legit signer will
note that the previous seal didn't verify if that's the case.

R's,
John
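
The trust decision described in the message above, sketched as an added example that is not part of the original post or of any ARC implementation. It assumes the cryptographic check of the newest ARC-Seal is done elsewhere and passed in as a boolean, and that `trusted_sealers` stands in for whatever local reputation data the receiver uses; the domains and header values are constructed.

```python
import re

# Constructed ARC-Seal header bodies, newest first (placeholder domains and signatures).
SAMPLE_SEALS = [
    "i=2; a=rsa-sha256; cv=pass; d=list.example; s=sel; b=PLACEHOLDER",
    "i=1; a=rsa-sha256; cv=none; d=origin.example; s=sel; b=PLACEHOLDER",
]

def parse_tags(value):
    """Split a 'tag=value; tag=value' header body into a dict."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = re.sub(r"\s+", "", val)
    return tags

def instance(tags):
    """Instance number from the i= tag, or -1 if it is missing or malformed."""
    i = tags.get("i", "")
    return int(i) if i.isdigit() else -1

def evaluate_chain(seal_values, newest_seal_verifies, trusted_sealers):
    """Return (verdict, reason) for a message's ARC chain.

    newest_seal_verifies: result of verifying the highest-numbered seal
    (assumed to be computed by a real ARC verifier, not done here).
    trusted_sealers: hypothetical local set of sealer domains the receiver believes.
    """
    seals = sorted((parse_tags(v) for v in seal_values), key=instance)
    if not seals:
        return ("none", "no ARC sets on the message")
    # Instances must run 1..N without gaps or duplicates.
    if [instance(s) for s in seals] != list(range(1, len(seals) + 1)):
        return ("fail", "instance numbers are not 1..N")
    # Each sealer records what it saw of the earlier links in cv=:
    # the first seal has nothing before it (none), later ones must say pass.
    if seals[0].get("cv") != "none" or any(s.get("cv") != "pass" for s in seals[1:]):
        return ("fail", "a sealer recorded that the earlier chain did not validate")
    newest = seals[-1]
    if not newest_seal_verifies:
        return ("fail", "newest seal did not verify")
    # A valid seal only proves who made the claim; a chain fabricated by
    # spamware also verifies, so the claim counts only if the sealer is trusted.
    if newest.get("d") not in trusted_sealers:
        return ("untrusted", "chain asserted by unknown sealer " + newest.get("d", "?"))
    return ("pass", "chain vouched for by " + newest["d"])
```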