IETF Logo Mail Archive

Re: [dmarc-ietf] making mail not work for your users, was the endless mailing list silliness

"Murray S. Kucherawy" <superuser@gmail.com> Wed, 17 April 2013 22:40 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EFB0C21E80E6 for <dmarc@ietfa.amsl.com>; Wed, 17 Apr 2013 15:40:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.973
X-Spam-Level:
X-Spam-Status: No, score=-3.973 tagged_above=-999 required=5 tests=[AWL=-0.375, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5cFqVF1AZrBe for <dmarc@ietfa.amsl.com>; Wed, 17 Apr 2013 15:40:53 -0700 (PDT)
Received: from mail-wg0-f45.google.com (mail-wg0-f45.google.com [74.125.82.45]) by ietfa.amsl.com (Postfix) with ESMTP id 0C3A821E80E5 for <dmarc@ietf.org>; Wed, 17 Apr 2013 15:40:52 -0700 (PDT)
Received: by mail-wg0-f45.google.com with SMTP id l18so2197283wgh.24 for <dmarc@ietf.org>; Wed, 17 Apr 2013 15:40:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=XgitFRiwkptyotgsecCQAsueOuXpWEm1dmH+rTMhfJA=; b=RStbGrnVsmyssn2vWvispJWTDnAN4G7gMQPUrQ5Lp0gG6uMIwNqJcUTSITo/5WSYVu Z1Cd/0PoccC9HyVlhQVLX+z3mCewqZW3VIoOEoXDZJ+gaR9FmmI54HxZApDT4uBhYZok n7i67vB5RF7a9CR6DczUxwXL0IvcxPLkGNGcZroepnDgpapfqv+WxCspohaFDBdXfrOD x08mCymJb14kvCANRsrhpgvg8Bl22DmiWqntW/gpFAsyMFcuyhgpTiel63p0RYIpWpAg 5k6hamGsi7RhGymzFYoBcE4u48KWMxC/UJWNyjS/uCIXCShS/cvHuygdIHV0V34391pB OHsg==
MIME-Version: 1.0
X-Received: by 10.180.84.162 with SMTP id a2mr13978092wiz.14.1366238452256; Wed, 17 Apr 2013 15:40:52 -0700 (PDT)
Received: by 10.180.36.176 with HTTP; Wed, 17 Apr 2013 15:40:52 -0700 (PDT)
In-Reply-To: <CAAjc_p5Vcjhdzj5Vw1WY8nG07NTcydf9nWjqhs8iX_UHq1COhw@mail.gmail.com>
References: <20130417103918.3587.qmail@joyce.lan> <7BF5EC3D91FA4D6DA7902A1387BCFB60@fgsr.local> <CAAjc_p5Vcjhdzj5Vw1WY8nG07NTcydf9nWjqhs8iX_UHq1COhw@mail.gmail.com>
Date: Wed, 17 Apr 2013 15:40:52 -0700
Message-ID: <CAL0qLwYFOKh8hfm1Abc6nQbFuEUy7t+MQk+2WUisU_xp+2VU9g@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
To: John Sweet <sweet@secondlook.com>
Content-Type: multipart/alternative; boundary="f46d04427194a0149604da962dda"
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] making mail not work for your users, was the endless mailing list silliness
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Apr 2013 22:40:54 -0000

On Wed, Apr 17, 2013 at 2:20 PM, John Sweet <sweet@secondlook.com> wrote:

> ... except, of course, that when I get a phishing mail purporting to be
> from my bank, and I respond thinking it's them, and criminals gain access
> to my accounts because of it, it's not the bank that takes it in the
> shorts. It's me, the little guy.
>

It's both, really.  It happens to the end user to the tune of what they
have in the bank, and it happens to the bank to the tune of what their
insurers have to cover in the aggregate for fraud claims.  Those are
relatively painful numbers to both parties.


> When I get yet another newspaper article forwarded by my mother, using the
> paper's website's "Send to a Friend" link, I actually don't particularly
> care if it's someone pretending to be her.  Likewise, when I see your posts
> here on dmarc-ietf, I really don't care if it's you or someone pretending
> to be you. Some applications of email just aren't desperately in need of
> authentication.
>
> If my mother writes me personally saying she's stuck in London without her
> passport and needs me to wire her $1500 immediately, well, that's another
> matter. But she's unlikely to do that through a mailing list.
>

+1 to all of that.

-MSK

v2.23.0 | Report a Bug | By Email