Re: [dmarc-ietf] Debugging and preventing DKIM failures- suggestion
"Douglas E. Foster" <fosterd@bayviewphysicians.com> Fri, 31 May 2019 02:49 UTC
Return-Path: <btv1==05408f7c171==fosterd@bayviewphysicians.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AAFE21200C1 for <dmarc@ietfa.amsl.com>; Thu, 30 May 2019 19:49:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bayviewphysicians.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1QKXAQBZT7ZL for <dmarc@ietfa.amsl.com>; Thu, 30 May 2019 19:49:14 -0700 (PDT)
Received: from mail.bayviewphysicians.com (mail.bayviewphysicians.com [216.54.111.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1C645120019 for <dmarc@ietf.org>; Thu, 30 May 2019 19:49:14 -0700 (PDT)
X-ASG-Debug-ID: 1559270952-11fa3116c826baa0001-K2EkT1
Received: from webmail.bayviewphysicians.com (smartermail4.bayviewphysicians.com [192.168.1.49]) by mail.bayviewphysicians.com with ESMTP id 6iiDxODVZtHaOiv5 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Thu, 30 May 2019 22:49:12 -0400 (EDT)
X-Barracuda-Envelope-From: fosterd@bayviewphysicians.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.1.49
X-ASG-Whitelist: Client
X-SmarterMail-Authenticated-As: fosterd@bayviewphysicians.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bayviewphysicians.com; s=s1025; h=message-id:reply-to:subject:to:from; bh=p9SeoAo2Gg0m7HcVXIDZ6icsUzyrmTBUbvR1rjFetes=; b=I0SFzaLsST31bamHB3jgZa+ub7U48obw5cOHHIeSCaSLBTvT0Gy3rniX7JvMZ7cGj Uf9TIH35vIpQSdBPx9DrjPxO5iYb1rEvYQ1FQLqlf+uu2p66C/KjjR7NYYm1NwszB aKPOgraI4PDrXCtJwnkLjgpMtr5jz+nSRzCXKGOMo=
Received: by webmail.bayviewphysicians.com via HTTP; Thu, 30 May 2019 22:49:03 -0400
From: "Douglas E. Foster" <fosterd@bayviewphysicians.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>, John R Levine <johnl@taugh.com>
CC: IETF DMARC WG <dmarc@ietf.org>
Date: Thu, 30 May 2019 22:49:03 -0400
X-ASG-Orig-Subj: Re: [dmarc-ietf] Debugging and preventing DKIM failures- suggestion
Reply-To: fosterd@bayviewphysicians.com
Message-ID: <c559a331d90b49eba5b5f6e35ff4774a@bayviewphysicians.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="7d96ac98f2624210b8af02af44a58890"
X-Originating-IP: [192.168.1.239]
In-Reply-To: <alpine.OSX.2.21.9999.1905301712140.76792@ary.qy>
References: <54FB29A0-517A-430E-AF5B-CB079CC3D7F6@aegee.org> <20190526144848.08A772014A0BF4@ary.qy> <CAL0qLwbxwLTpgYJN9qBTzi2oN1EMvAYuNoDbw5Rx5W46-WNyLA@mail.gmail.com> <alpine.OSX.2.21.9999.1905301712140.76792@ary.qy>
X-Exim-Id: c559a331d90b49eba5b5f6e35ff4774a
X-Barracuda-Connect: smartermail4.bayviewphysicians.com[192.168.1.49]
X-Barracuda-Start-Time: 1559270952
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Barracuda-URL: https://mail.bayviewphysicians.com:443/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at bayviewphysicians.com
X-Barracuda-Scan-Msg-Size: 5003
X-Barracuda-BRTS-Status: 1
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/jKUt7G_qRot1FsMsA-lvF_XVttA>
Subject: Re: [dmarc-ietf] Debugging and preventing DKIM failures- suggestion
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 May 2019 02:50:39 -0000
Thank you for the education The IETF list processor seems to be an illustration of your point. It invalidates the orginal sender's signature Then it adds an ietf.org signature Then the message is relayed internally within a single IETF server, where the IETF signature is invalidated. The the message is signed a second time with an valid IETF signature I rather hoped that IETF would be the poster-boy for list processing done correctly. Why is the message manipulation that you describe necessary or acceptable? Deeply puzzled, Doug Foster ---------------------------------------- From: "John R Levine" <johnl@taugh.com> Sent: Thursday, May 30, 2019 5:19 PM To: "Murray S. Kucherawy" <superuser@gmail.com> Cc: "IETF DMARC WG" <dmarc@ietf.org> Subject: Re: [dmarc-ietf] Debugging and preventing DKIM failures- suggestion > And as John said, there have been numerous proposals over the years of ways > to annotate a message with what "standard" mutations were done so that at > verification time the receiver could decide which mutations it was willing > to forgive, but the community showed no interest in such complexities. It is my impression that the proponents of this idea tended not to be very familiar with mailing list software and imagined that most mutations were simple, like adding a subject tag or a text footer. Those happen, but they are the very tip of the iceberg. Modern list managers add, delete, and reorder MIME parts, flatten HTML into text, and a huge list of other things that no mutuation catalog could plausibly describe. That's one of the reasons that ARC doesn't try to say what's changed, just what the authentication results were before and after. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
- [dmarc-ietf] Debugging and preventing DKIM failur… Douglas E. Foster
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Дилян Палаузов
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… John Levine
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… John Levine
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Murray S. Kucherawy
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… John R Levine
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Douglas E. Foster
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Dave Crocker
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Douglas E. Foster
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Dotzero
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Doug Foster
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… John R Levine
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Dave Crocker
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Dave Crocker
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Dave Crocker
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… John Levine
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Hector Santos
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Hector Santos
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Elizabeth Zwicky
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Hector Santos
- Re: [dmarc-ietf] Debugging and preventing DKIM fa… Stan Kalisch