IETF Logo Mail Archive

Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields

John Levine <johnl@taugh.com> Sat, 06 June 2020 20:45 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE0033A0C3F for <dmarc@ietfa.amsl.com>; Sat, 6 Jun 2020 13:45:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.451
X-Spam-Level:
X-Spam-Status: No, score=-1.451 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1536-bit key) reason="fail (message has been altered)" header.d=iecc.com header.b=YGngKzlP; dkim=fail (1536-bit key) reason="fail (message has been altered)" header.d=taugh.com header.b=X8DCxib6
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vZbe_xBpYIam for <dmarc@ietfa.amsl.com>; Sat, 6 Jun 2020 13:45:14 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7821A3A0C3E for <dmarc@ietf.org>; Sat, 6 Jun 2020 13:45:13 -0700 (PDT)
Received: (qmail 79165 invoked by uid 100); 6 Jun 2020 20:45:12 -0000
Date: Sat, 06 Jun 2020 20:45:11 -0000
Message-ID: <rbgv8n$2c3k$1@gal.iecc.com>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:references:in-reply-to:cleverness; s=13536.5edc0058.k2006; i=news@user.iecc.com; bh=3k5nZupfaWc0XBZw1agErzlKU2Urkq9JXsM/XKDzNlE=; b=YGngKzlPraHJUB4PcgBYd/bUCf3If8jZT/2L2rhLfL22qxQGbw1LIdOEViAz7ER0LW+rm+cATltCCK8mLaex+v1u77AUv0+baNCfU3pFEJqW5uqQ8lLnEadLoZJoG7u2Mt3hspd3EgWfAP5zYgRquLBEmUYoLjrC/peES95751LAckw+erY7mIWVJMlT6yE1a+I+SwkwbnO+cw8bxj6Fca59uExbNwUeqYy2ZX7+Tnwh/Q78uIWUgjMmrq7hM8xk
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:references:in-reply-to:cleverness; s=13536.5edc0058.k2006; olt=news@user.iecc.com; bh=3k5nZupfaWc0XBZw1agErzlKU2Urkq9JXsM/XKDzNlE=; b=X8DCxib6dEETGBYszHsWOUGztDvKm02FlH6KkkPiRx1sRXSRFiq0qemWBQ3pdxp3jI5JQEL7+yT03/My3La3K1U2tbZGLJjYKW+NompQxz0mgmy/VtDDwKLwNkfutEaYs7tiuhonU91Q1pubAUKpDzsorh4TA1kSx5SnH9wTPF8YaWB8NEL7rHFYdb4kvx6lC8GTl2hFgWabjpoBlLJiAMFSGJT2pC+ris6vP7xo6KagwmKTykgmY6g+rff4/imV
Organization: Taughannock Networks
References: <DM5PR0601MB367115AD49513EAF3953716CF68B0@DM5PR0601MB3671.namprd06.prod.outlook.com> <83781802.4yxyyzPtoS@sk-desktop> <049dac36-6be6-aa99-ccf7-e68da4a240f9@bluepopcorn.net> <F312F1CC-4CCC-4510-83E3-4010AECF7916@kitterman.com>
In-Reply-To: <DM5PR0601MB367115AD49513EAF3953716CF68B0@DM5PR0601MB3671.namprd06.prod.outlook.com> <83781802.4yxyyzPtoS@sk-desktop> <049dac36-6be6-aa99-ccf7-e68da4a240f9@bluepopcorn.net> <F312F1CC-4CCC-4510-83E3-4010AECF7916@kitterman.com>
Cleverness: some
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: johnl@iecc.com (John Levine)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ZS5DMHTX1lbsun28zXA7rrG9-Mc>
Subject: Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Jun 2020 20:45:16 -0000

In article <F312F1CC-4CCC-4510-83E3-4010AECF7916@kitterman.com>,
Scott Kitterman  <sklist@kitterman.com> wrote:
>I think the market has spoken on the utility of DMARC.

There's no question that it was highly successful at Yahoo and AOL
after they let crooks steal their address books at reducing the amount
of spam their users received that forged addresses in those stolen
address books.  Of course, if you are not Verizon Media, who cares?

I gather it is also quite effective against phishes that for some
reason put the actual target's domain in the From: address, but
at this point I don't know how common that is relative to phishes
that put it in the From: comment, viz. Jim's question.

R's,
John
-- 
Regards,
John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly

v2.23.0 | Report a Bug | By Email