Re: [dmarc-ietf] Email security beyond DMARC?
DAMY gustavo <gustavo.DAMY@upu.int> Tue, 19 March 2019 18:03 UTC
Return-Path: <gustavo.DAMY@upu.int>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B57F1315B5 for <dmarc@ietfa.amsl.com>; Tue, 19 Mar 2019 11:03:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=upu.int
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SqdDrpAeOB8c for <dmarc@ietfa.amsl.com>; Tue, 19 Mar 2019 11:03:12 -0700 (PDT)
Received: from mgw1.upu.int (mgw1.upu.int [193.247.49.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6D5D1315D5 for <dmarc@ietf.org>; Tue, 19 Mar 2019 11:03:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=upu.int; i=@upu.int; q=dns/txt; s=default; t=1553018590; x=1584554590; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=W43eVN1pIH7tuqpQyAG131OI7VRY1GswGUH4dmmAtCE=; b=kEDOpjGqZguaXzXq01pbtyKyzajMbpkegDZqk1qetxpjgKkxEZlBAMu3 IlxrjAc5WNwD0pKlt9If3ivhIURjBBLZMSBAWds5xOHmQ/htkt3GWTUrj 65Ap+9voAyCDJNXk/7C2cmrWr2iX/h2J9Hh1QnBpo/MLxRcMl02MPapTr JlNFgnAT1+hIiO/JR1FeY7B7qp6A737JRVKBxOel//o7Det1Qf3vghvbV 87WSz8J2+9IYZuV6mahDvyQhimrruKYtkTu+vuSdZKBGbdjoqEyj9CxPW 1vIXpp+3A1RUUJ1JhMWCWb1whcWy3YjpiHW0e5+WubAZRj3NAu7odpKRb g==;
Authentication-Results: mgw1-out.upu.int; spf=Pass smtp.mailfrom=gustavo.DAMY@upu.int; spf=None smtp.helo=postmaster@PEXC01.upu.ch
Received-SPF: Pass (mgw1-out.upu.int: domain of gustavo.DAMY@upu.int designates 193.247.55.160 as permitted sender) identity=mailfrom; client-ip=193.247.55.160; receiver=mgw1-out.upu.int; envelope-from="gustavo.DAMY@upu.int"; x-sender="gustavo.DAMY@upu.int"; x-conformance=spf_only; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:193.247.55.160/32 ip4:193.247.55.161/32 ip4:80.80.227.166/32 ip4:193.247.63.15/32 +a:erecruit.noreply.upu.int +mx -all"
Received-SPF: None (mgw1-out.upu.int: no sender authenticity information available from domain of postmaster@PEXC01.upu.ch) identity=helo; client-ip=193.247.55.160; receiver=mgw1-out.upu.int; envelope-from="gustavo.DAMY@upu.int"; x-sender="postmaster@PEXC01.upu.ch"; x-conformance=spf_only
IronPort-SDR: XYy2s1P7kRtsFX6A942bD+NmYVALq8yQJdFRk9+L+IjURluD1+9qHzD+h7/oelxaf6aa9ldlGZ IVQCob39SdWd5cLi1Pc9XZIcXB9AV7OPwrB9vrO0SH25JKfBhIYNlnAYf5VQmsDMBzBiyV6k2r gYItE7CHqdJxk+L9tHTqxig07LOg38s22Y6z9fUpypIr3prDv4z6aJCyvqezOjYx7JDgBCaEM1 BKTNzE0BxgI6EFVwP3LmiLYNOlR0pJBpLBep/l/cukzV7+swfmKqaR/wIUzR7Q8ThK6WzIgaCX DB4=
X-IronPort-AV: E=Sophos;i="5.60,245,1549926000"; d="scan'208";a="1890599"
Received: from PEXC01.upu.ch (2002:c1f7:37a0::c1f7:37a0) by PEXC01.upu.ch (2002:c1f7:37a0::c1f7:37a0) with Microsoft SMTP Server (TLS) id 15.0.1130.7; Tue, 19 Mar 2019 19:03:00 +0100
Received: from PEXC01.upu.ch ([fe80::28c1:e4c1:2f2e:11fc]) by PEXC01.upu.ch ([fe80::28c1:e4c1:2f2e:11fc%13]) with mapi id 15.00.1130.005; Tue, 19 Mar 2019 19:03:00 +0100
From: DAMY gustavo <gustavo.DAMY@upu.int>
To: "dmarc@ietf.org" <dmarc@ietf.org>
CC: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch>
Thread-Topic: [dmarc-ietf] Email security beyond DMARC?
Thread-Index: AQHU3b0Xv/AeslasNkiUwE096qOcBKYTO0Dw
Date: Tue, 19 Mar 2019 18:02:59 +0000
Message-ID: <90b936ec488f41108bc4e528eb7933f6@PEXC01.upu.ch>
References: <1dc451a973a8443a87d37b6e5c41fe38@bayviewphysicians.com> <alpine.DEB.2.20.1903181355520.5419@softronics.hoeneisen.ch>
In-Reply-To: <alpine.DEB.2.20.1903181355520.5419@softronics.hoeneisen.ch>
Accept-Language: en-GB, fr-CH, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.22.0.30]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/S6qKPtpPZMQWjpN2D1jpPQ7oI7k>
Subject: Re: [dmarc-ietf] Email security beyond DMARC?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Mar 2019 18:03:18 -0000
Very useful links Bernie, thanks for the info. I wonder if this working group will eventually will make reference to the concept of PeP protocol to reinforce the usage of DMARC you are mentioning below? Best Regards Gustavo Damy -----Original Message----- From: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> Sent: Monday, March 18, 2019 1:58 PM To: Douglas E. Foster <fosterd@bayviewphysicians.com> Cc: dmarc@ietf.org Subject: Re: [dmarc-ietf] Email security beyond DMARC? Hi Doug On Sat, 16 Mar 2019, Douglas E. Foster wrote: > I tried to understand what IETF is doing about email security, and > this working group seems to be the only surviving effort. Based on > the index, the groups attention is focused on polishing the existing > DMARC implementaton rather than plowing new territory. Given the > devastating effect of WannaCry and the success of other email-based > attacks, I think our work is far from finished. You may want to have a look on some upcoming work. We just started a new mailing list, which includes the topic of email security: MEDUP -- Missing Elements for Decentralized and Usable Privacy To subscribe: - https://www.ietf.org/mailman/listinfo/medup Please find more information on: - https://mailarchive.ietf.org/arch/msg/medup/mbrbhFekt_srXShzpCa4RiXgPbY - https://mailarchive.ietf.org/arch/msg/pearg/oBjgAwG3_eoR6tpLQGTE_9OggzQ The former also includes a list of Internet-Drafts describing the MEDUP challenges. Please be also informated that the LAMPS WG has requested a new work item on email header protection to be added to its charter. Hope that helps! Best, Bernie -- http://ucom.ch/ Modern Telephony Solutions and Tech Consulting for Internet Technology
- Re: [dmarc-ietf] Email security beyond DMARC? Grant Taylor
- [dmarc-ietf] Email security beyond DMARC? Douglas E. Foster
- Re: [dmarc-ietf] Email security beyond DMARC? Dave Crocker
- Re: [dmarc-ietf] Email security beyond DMARC? Bernie Hoeneisen
- Re: [dmarc-ietf] Email security beyond DMARC? DAMY gustavo
- Re: [dmarc-ietf] Email security beyond DMARC? Doug Foster
- Re: [dmarc-ietf] Email security beyond DMARC? John Levine
- Re: [dmarc-ietf] Email security beyond DMARC? 'Bernie Hoeneisen'
- Re: [dmarc-ietf] Email security beyond DMARC? DAMY gustavo
- Re: [dmarc-ietf] Email security beyond DMARC? Bernie Hoeneisen
- Re: [dmarc-ietf] Email security beyond DMARC? Bernie Hoeneisen
- Re: [dmarc-ietf] Email security beyond DMARC? Dave Crocker
- Re: [dmarc-ietf] Email security beyond DMARC? Grant Taylor
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? DAMY gustavo
- Re: [dmarc-ietf] Email security beyond DMARC? Dotzero
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? Ken Simpson
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? Ken Simpson
- Re: [dmarc-ietf] Email security beyond DMARC? Dave Crocker
- Re: [dmarc-ietf] Email security beyond DMARC? Doug Foster
- [dmarc-ietf] SPF / Re: Email security beyond DMAR… Дилян Палаузов