Re: [dmarc-ietf] Rethinking DMARC for PSDs
"John Levine" <johnl@taugh.com> Mon, 08 April 2019 00:50 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E428A12011A for <dmarc@ietfa.amsl.com>; Sun, 7 Apr 2019 17:50:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1536-bit key) header.d=iecc.com header.b=UCgxCwIj; dkim=pass (1536-bit key) header.d=taugh.com header.b=VGV9MGRQ
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8_aFJ95PXGPz for <dmarc@ietfa.amsl.com>; Sun, 7 Apr 2019 17:50:48 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E64CE120256 for <dmarc@ietf.org>; Sun, 7 Apr 2019 17:50:47 -0700 (PDT)
Received: (qmail 46159 invoked from network); 8 Apr 2019 00:50:46 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=b44d.5caa9ae6.k1904; bh=+yJkXc6hHWPYdsGqDIyPpfWac4WkTtGJ+RMqfVU17mk=; b=UCgxCwIjWmntrkLWzcr9D7lsIKhrl22IkeeCvXaP/hR7OOjjKwJtV9XFl64otfnF+3dWtV4C0StOhjBUs00U2qVA3PQ1ezPK4TAc4Qo9g4WmUsdU9Nl0/DFYUOeLkPm2qmyD+lCck90osSfZkC3Tn+pXDwGYn7QiK0H2SQ6AtNEONh/wzLIIGBmCvuAeblhiqM7Bl46DqQgffbJiIhl01rOkQA96qj7FvmsAvts0vwjQShOK5+gAER1Z2l8UGBs4
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding; s=b44d.5caa9ae6.k1904; bh=+yJkXc6hHWPYdsGqDIyPpfWac4WkTtGJ+RMqfVU17mk=; b=VGV9MGRQj/iWlGTIMdIUubBNFk1TRNiDprDvrPwgk0XKSEzfuvjwE1J6rN4+QiLG4fGUnKSxhv+y79RcQHPOuqUjWUbpChPiRhhTjKJbauqnYdYnHfB4Pyl5negzORykTFbxvejIjcPYxn10Jyin08C2rqWFBVCg1kH7kaAKeMs5twfBBm9bRWe4Vd1ltaBrPbVYgthnTdo9NobahMGVkfoH46xE701hGZEJ/YUwf//CUdieqTkzM45wDLCQ2FEr
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTP via TCP6; 08 Apr 2019 00:50:45 -0000
Received: by ary.qy (Postfix, from userid 501) id 5EC462011B2BFE; Sun, 7 Apr 2019 20:50:44 -0400 (EDT)
Date: Sun, 07 Apr 2019 20:50:44 -0400
Message-Id: <20190408005045.5EC462011B2BFE@ary.qy>
From: John Levine <johnl@taugh.com>
To: dmarc@ietf.org
In-Reply-To: <c588c5eeec224162bffd080693c703e1@bayviewphysicians.com>
Organization: Taughannock Networks
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/hezvljESRMJIVYqNqulFRSCV1I0>
Subject: Re: [dmarc-ietf] Rethinking DMARC for PSDs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2019 00:50:50 -0000
In article <c588c5eeec224162bffd080693c703e1@bayviewphysicians.com> you write: > The problem: > Spammers use non-existent domains to achieve identity spoofing, such as >tax.example.gov.uk > This is primarily a reception problem, because many recipient mail filters >are not equipped to block this type of fraud. .. Right, and we can stop right there. A decent spam filter will treat a nonexistent From: domain or envelope bounce address as extremely suspicious and send the message into spam folder purgatory. If someone's filters aren't doing that, it is unlikely that they're paying much if any attention to DMARC, and no amount of fiddling with DMARC will make any difference. My mail server rejects anything with a non-existent bounce address at SMTP time and I don't think it's ever rejected anything my users would want. The solution to this problem is for mail systems to fix their filters, not to invent yet another mail-breaking hack that they won't use anyway. R's, John
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Scott Kitterman
- [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs John Levine
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Jeremy Harris
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs John R Levine
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Ken O'Driscoll
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Dotzero
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Kurt Andersen (b)
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Scott Kitterman
- Re: [dmarc-ietf] Rethinking DMARC for PSDs John Levine
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Scott Kitterman
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Murray S. Kucherawy
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Tim Wicinski
- [dmarc-ietf] More rethinking on DMARC for PSDs Alessandro Vesely