Re: [dmarc-ietf] Working group next steps

"Douglas E. Foster" <fosterd@bayviewphysicians.com> Sun, 31 March 2019 12:38 UTC

Return-Path: <btv1==99374fdb37c==fosterd@bayviewphysicians.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF84612012B for <dmarc@ietfa.amsl.com>; Sun, 31 Mar 2019 05:38:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bayviewphysicians.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hNjw6M07lYix for <dmarc@ietfa.amsl.com>; Sun, 31 Mar 2019 05:38:57 -0700 (PDT)
Received: from mail.bayviewphysicians.com (mail.bayviewphysicians.com [216.54.111.133]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8A65212013D for <dmarc@ietf.org>; Sun, 31 Mar 2019 05:38:57 -0700 (PDT)
X-ASG-Debug-ID: 1554035933-0990574bec209bc0001-K2EkT1
Received: from webmail.bayviewphysicians.com (smartermail4.bayviewphysicians.com [192.168.1.49]) by mail.bayviewphysicians.com with ESMTP id NaDMtjbHvEKCVoj2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Sun, 31 Mar 2019 08:38:53 -0400 (EDT)
X-Barracuda-Envelope-From: fosterd@bayviewphysicians.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.1.49
X-ASG-Whitelist: Client
X-SmarterMail-Authenticated-As: fosterd@bayviewphysicians.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bayviewphysicians.com; s=s1025; h= content-type:mime-version:message-id:reply-to:date:subject:to:from; bh=Dmfytwzg+1wKuRrX8KeoLqzBo+odZjcEJ3SPrKF96I0=; b=E8hb2slT/UYk5V+THjhvrllhtE023YfXD2NUVwZEf1eOh1bFVOoAqbq33miFLeMfW cEWxKGK3Jqqg/MKJUuz+SbU4sJryAz2aN7KofhqEkRORYqpfLxwamGbGd7y6JL0lk JVRxc1fPevsPhBy6a7AmmklWgHxbbs1Li2BnD3XWc=
Received: by webmail.bayviewphysicians.com via HTTP; Sun, 31 Mar 2019 08:38:44 -0400
From: "Douglas E. Foster" <fosterd@bayviewphysicians.com>
To: "Scott Kitterman" <sklist@kitterman.com>, "IETF DMARC WG" <dmarc@ietf.org>, "Ian Levy" <ian.levy=40ncsc.gov.uk@dmarc.ietf.org>
Date: Sun, 31 Mar 2019 08:38:44 -0400
X-ASG-Orig-Subj: Re: [dmarc-ietf] Working group next steps
Reply-To: fosterd@bayviewphysicians.com
Message-ID: <641c4907897e4a81b12847a29bfcd3b8@bayviewphysicians.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=178dca5f19e449a98c262f972a93f11c
X-Originating-IP: [192.168.1.239]
In-Reply-To: <LO2P123MB2285E7ED4CD46A11BD9F4676C9540@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM>
References: <CAL0qLwaPG+CcuMGsJjdJM=x4bigSXvRAHxAf3nk9krknJbtUqw@mail.gmail.com> <LO2P123MB22857A6A1EDD9D54A817C4F5C95A0@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM> <3802074.4RGYGbXOYh@kitterma-e6430> <LO2P123MB2285E7ED4CD46A11BD9F4676C9540@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM>
X-Exim-Id: 641c4907897e4a81b12847a29bfcd3b8
X-Barracuda-Connect: smartermail4.bayviewphysicians.com[192.168.1.49]
X-Barracuda-Start-Time: 1554035933
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Barracuda-URL: https://mail.bayviewphysicians.com:443/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at bayviewphysicians.com
X-Barracuda-Scan-Msg-Size: 4506
X-Barracuda-BRTS-Status: 1
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/jok-l4zi9URTrOfr_kdAFuO8MOY>
Subject: Re: [dmarc-ietf] Working group next steps
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 31 Mar 2019 18:30:56 -0000

Certainly not.   
  
 You cannot drop existing defenses until the new standard is 100% deployed on the Internet, which means probably never.    Your experimental implementation will need to prioritize the new test over the SPF test, to prove that it is working and to show that it is good at intercepting any subdomains that have been newly imagined by the attackers
  
 To speed up the deployment process for existing or new standards, IETF would meed to embrace the idea of defining required features of a spam filter.
  
 Doug Fosterd
  

----------------------------------------
 From: "Ian Levy" <ian.levy=40ncsc.gov.uk@dmarc.ietf.org>
Sent: Sunday, March 31, 2019 6:18 AM
To: "Scott Kitterman" <sklist@kitterman.com>om>, "IETF DMARC WG" <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] Working group next steps   
>> I'll also offer gov.uk as an experimental ground (within reason!).

> Excellent. I've listed it in the experimental registry at psddmarc.org.
> Since you already had a live DMARC record for that domain, people can experiment with this now.

I guess at some point we'll have to stop generating SPF and DMARC records for the non-existent subdomains of gov.uk so we can test the new stuff properly. When we're at that point, let me know.

Ta.

I.

--
Dr Ian Levy
Technical Director
National Cyber Security Centre
ian@ncsc.gov.uk

Staff Officer : Kate Atkins, kate.a@ncsc.gov.uk

(I work stupid hours and weird times - that doesn't mean you have to. If this arrives outside your normal working hours, don't feel compelled to respond immediately!)

This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc