IETF Logo Mail Archive

Re: [dmarc-ietf] THIS IS ABUSE (it might be)

Alessandro Vesely <vesely@tana.it> Mon, 10 April 2023 11:16 UTC

Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 426A5C1524BC for <dmarc@ietfa.amsl.com>; Mon, 10 Apr 2023 04:16:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.089
X-Spam-Level:
X-Spam-Status: No, score=-7.089 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=tana.it header.b="GlUuzBDG"; dkim=pass (1152-bit key) header.d=tana.it header.b="BVXElmxJ"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gpSSDSRTKfCj for <dmarc@ietfa.amsl.com>; Mon, 10 Apr 2023 04:15:55 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [94.198.96.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 409C1C1524B2 for <dmarc@ietf.org>; Mon, 10 Apr 2023 04:15:50 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=tana.it; s=epsilon; t=1681125349; bh=rQqVTSctzrpRfV3nk82b9fq9ddx/99c8F+cl4RaAd5Q=; h=Author:Date:Subject:To:Cc:References:From:In-Reply-To; b=GlUuzBDGHfxdESH9bQB+a+KfGI1zFwSznUI4B136PA/PsygjfKlpWfUwmmivF3S+V uO+IWQmyCA3uUVYttHmAA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1681125349; bh=rQqVTSctzrpRfV3nk82b9fq9ddx/99c8F+cl4RaAd5Q=; h=Date:Subject:To:Cc:References:From:In-Reply-To; b=BVXElmxJhMaqGE5uW9qxWePZWrnsUlS/j0IfaYZFkSfLR1Tp8sYKPpiV0yusFp/JI BZauiGQD+NpDjEVFlkJiSwzs9SMjs6wYnwqOoCHwePUfmlpCyI9+MdmXwWbvVwn425 9yGwzT22pj6T0iA13LLDcnpUAbp/D5NNeQM0taTtmqHH1mH4UcFYmOTIpRCh4
Original-Subject: Re: [dmarc-ietf] THIS IS ABUSE (it might be)
Author: Alessandro Vesely <vesely@tana.it>
Original-Cc: eric@infobro.com
Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC076.000000006433EFE4.00005BE5; Mon, 10 Apr 2023 13:15:48 +0200
Message-ID: <74f52cb3-e5fe-a78f-97c5-7b0cd53f1216@tana.it>
Date: Mon, 10 Apr 2023 13:15:48 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.8.0
Content-Language: en-US, it-IT
To: John Levine <johnl@taugh.com>, dmarc@ietf.org
Cc: eric@infobro.com
References: <20230408135930.B1F69BC829D7@ary.qy>
Authentication-Results: tana.it; auth=pass (details omitted)
From: Alessandro Vesely <vesely@tana.it>
In-Reply-To: <20230408135930.B1F69BC829D7@ary.qy>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/hmrGyHTuzdvZsuBQ3ytNuVT57AA>
Subject: Re: [dmarc-ietf] THIS IS ABUSE (it might be)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2023 11:16:06 -0000

On Sat 08/Apr/2023 15:59:30 +0200 John Levine wrote:
> It appears that Eric D. Williams  <eric@infobro.com> said:
>>-=-=-=-=-=-
>>
>>I think the reliance upon list operators is properly placed on that role. 
>>It's not a DMARC problem, it's a DKIM problem, I think.
>
> No, it's a DMARC problem. DKIM didn't cause any problems for mailing 
> lists (ignoring ill-advised and never used ADSP) until DMARC was 
> layered on top of it, and AOL and Yahoo abused it to foist the support 
> costs on the rest of the world after they let crooks steal their 
> users' address books.


That's how it happened.  Can we now accept their push?  After so many email 
addresses became public, how about accepting that email addresses being public 
doesn't have to imply that anyone can impersonate them?  Their move forced 
DMARC into a role that it wasn't design to play, but perhaps it's not so bad 
after all...?


Best
Ale
--

v2.23.0 | Report a Bug | By Email