IETF Logo Mail Archive

Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields

John Levine <johnl@taugh.com> Sun, 07 June 2020 17:03 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC75F3A0A00 for <dmarc@ietfa.amsl.com>; Sun, 7 Jun 2020 10:03:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.851
X-Spam-Level:
X-Spam-Status: No, score=-1.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=ZCegZv6/; dkim=pass (1536-bit key) header.d=taugh.com header.b=TgTH/4pc
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qS-4CONHrOul for <dmarc@ietfa.amsl.com>; Sun, 7 Jun 2020 10:03:43 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 055F53A09FF for <dmarc@ietf.org>; Sun, 7 Jun 2020 10:03:42 -0700 (PDT)
Received: (qmail 44688 invoked from network); 7 Jun 2020 17:03:41 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=ae8d.5edd1ded.k2006; bh=PTBouOxveypYioOE3HP3fkBKQS7s18dyQsy2JjOT4qg=; b=ZCegZv6/J2mcbPfWzB8Tb50Iw7IrMZaFV6uLxcb1TI2Dzg00hkCZ6PnMXlWDAVwOmf6XuDxvyMOU0vgAioAdOW0M+b9SR27+N2+eHkdDC2NM3x8dpbMQkfGohjXvpKqvlF8d3tf/RjF+jEN+FzKAsGDl+1aZLd0f7bfoQ1gH65oagWROO9Bag8Fn/qVTZrE/MUkZAVdqk8pv4Li2W0ilwDZhbt8BuTWT0xzG1lgImRqc18AwIPu1H2NySTnvmeLC
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=ae8d.5edd1ded.k2006; bh=PTBouOxveypYioOE3HP3fkBKQS7s18dyQsy2JjOT4qg=; b=TgTH/4pcvVaX41c0k67755J2B9DI3ha+KMnIuxZO3k+HzYm5cpmrurjUJL8qKfa+zHIFrp4Ytd7OM880mFd8V0i35geWNXec9r/d1Yx2H14z/3qJK30hM+DZpyovZGd01x17uv+pYRP3zfKzy43Mhpuq1jf6apLi84/NkhArUmHWDEydNZffMV3RnGLEmkjCNKqdrqRWzVRQoHfBtw3oeBNQnYmE6qxbBVSO39vP8ZTx+mHagngmkgZ9+1CeCV8p
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTP via TCP6; 07 Jun 2020 17:03:41 -0000
Received: by ary.qy (Postfix, from userid 501) id 4202D1A437D4; Sun, 7 Jun 2020 13:03:41 -0400 (EDT)
Date: Sun, 07 Jun 2020 13:03:41 -0400
Message-Id: <20200607170341.4202D1A437D4@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
In-Reply-To: <14fe18acad53467a8027e680dfc1067e@bayviewphysicians.com>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/UNM-m0j-XoACr7Dx7m9CZd9TzgI>
Subject: Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Jun 2020 17:03:45 -0000

In article <14fe18acad53467a8027e680dfc1067e@bayviewphysicians.com> you write:
>-=-=-=-=-=-
>1) The original assertion, that DMARC creates a conflict with prior specifications, appears to be undefended and incorrect.

It should not be controversial that DMARC can only describe a subset
of valid Internet mail. The problem arises when people then assert
that somehow it is our fault that we are sending mail that DMARC can't
describe, typically in ways we've been using for decades, long before
anyone thought of DMARC.

>2) Some of the discussion appeared to resolve around the assertion that DMARC can have no value.

It clearly has value to Verizon, and it apparently has value to banks
and Paypal. I can't see that it has much value for me or my users,
since it has screwed up all the mailing lists we use, and for whatever
reason we're not big phish targets.

R's,
John

PS: My bank chronically sends out real mail that looks like a total
phish, e.g., it says there's a dubious charge on your card, click this
button if it's real or that button if it's not, with the URL for
neither button having any connection to any domain the bank owns.
I know it's real because I know enough about the bank business to
recognize the subcontractor they use, but jeez.

v2.23.0 | Report a Bug | By Email