[dmarc-ietf] Email security beyond DMARC?

"Douglas E. Foster" <fosterd@bayviewphysicians.com> Sat, 16 March 2019 12:56 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ZGFXbFREI0xGjDGoc9LQBCskjpo>

I tried to understand what IETF is doing about email security, and this
working group seems to be the only surviving effort. Based on the index,
the group's attention is focused on polishing the existing DMARC
implementation rather than plowing new territory. Given the devastating
effect of WannaCry and the success of other email-based attacks, I think
our work is far from finished.

  
DMARC / DKIM / SPF rely entirely on sender participation. Too few
legitimate senders are implementing these measures in the manner that was
envisioned, and too few , and too many spam filters fail to use these tools
fully.
  
DMARC represents a powerful concept which can be applied by the receiver,
with adjustments, in ways that liberate the receiver from dependency on
legitimate senders becoming fearless. I can articulate how that could be
done, but I do not know how to start that discussion appropriately.
  
Doug Foster