Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis
"Murray S. Kucherawy" <superuser@gmail.com> Tue, 02 April 2024 15:58 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FBD8C14F5F1 for <dmarc@ietfa.amsl.com>; Tue, 2 Apr 2024 08:58:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id by-D3Yvl5N00 for <dmarc@ietfa.amsl.com>; Tue, 2 Apr 2024 08:58:47 -0700 (PDT)
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3906C14F5F2 for <dmarc@ietf.org>; Tue, 2 Apr 2024 08:58:47 -0700 (PDT)
Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-a469dffbdfeso202807466b.0 for <dmarc@ietf.org>; Tue, 02 Apr 2024 08:58:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712073513; x=1712678313; darn=ietf.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=+e1G017NNBr3z9k0vycGr7Pnqz2TNvQg7TgLtGjIPwU=; b=CQGWS7E/QPxYD4OEGkJAh8BjiisXz2ZFa+dxGx9o3Qh0uP0K4+FYqw+aD2C3yvRWjV bUeNvyi7ADzkM7E9hk+2t1e/rh9WPz8BoliDSjRew9xS3kKEI/jInD/To5JBu7gH1lGD 0bI5cenI15vTs6+MOe8tYFwP3THz5MQMW5JBuNOtD8PSogYG6A1KwkA1hmvXOqUoHHez u3KgfiPKQDR04Yh9tJStewTF0v5J09oReH1Xvco1BLRkqR5WPkjQ++AqvrurFZ3wTp5m Zi+Q/1RQvGhAJ9A0o/g6G+xWWO3MTRSlTkm/Bv23BjWfIQ1LS5JbVpp0lBSpEnI4MeDl 2BkA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712073513; x=1712678313; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=+e1G017NNBr3z9k0vycGr7Pnqz2TNvQg7TgLtGjIPwU=; b=kyNQyPIy9gWyCtU9gcLGkzCdAqhkqneecmQnqE7xi73JHcK/imbLiTFLe5ib03ewHW lnpT3Y2lhdvaX0kMt9lWkSBcGZDoRz5ttFYagB6JLJ/rHbMXKYa4PL4EiWaA09obVMeP 7405SSQlTWeb3CfpQzsUt79zKF7yvHEYw5ZCQ0jN51qHsjaiBLs/T09PQd7W6gziSOl9 Rq1GzRu9BHjGFQznPPU5mrc2bzpgyMM+nujDluNblV+giDLTyNW1eRhKLLjyvJfAMPkf f8xtDcyj42CwXoqSKg11cK1VCoy+4gXjzMrQKAYE+NG4+hdUjDfW05/9g6CjY2hCd6Hf pNqA==
X-Gm-Message-State: AOJu0YxIdqr3c63FoLWxt3wSTrDoCSMrl7igmW1rd035p+k0Q8HJc+Gy /vg+GfV+WjVHL9c7Qd85KKHtofn1BDU5qdhlZpBKBCl8xaDygGFnQ0l6mV5ykWw0bB/lrY7ojQ7 e/wnaT7T8TS7IOPx+6iSyRVxUycLOe15v+RI=
X-Google-Smtp-Source: AGHT+IEQBCindyuOMD2swGu7qVqDzhR5drA2mjiiycMgjVNziHIamTG7P1blZoOaiNxxtMIn5FuMptIDK681inRE6Dg=
X-Received: by 2002:a17:906:c10f:b0:a4e:39f5:9bc7 with SMTP id do15-20020a170906c10f00b00a4e39f59bc7mr9821722ejc.1.1712073512815; Tue, 02 Apr 2024 08:58:32 -0700 (PDT)
MIME-Version: 1.0
References: <CAL0qLwZKWNsV_CZ7C4ep88soaquhFG6FswoyNDWdfJ4HB7pamQ@mail.gmail.com> <20240402154918.6477686B0508@ary.qy>
In-Reply-To: <20240402154918.6477686B0508@ary.qy>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Tue, 02 Apr 2024 08:58:20 -0700
Message-ID: <CAL0qLwaaKTcQ+OyApjDn3yA0mrB+HYSurMR1pZP-angNRcPEQg@mail.gmail.com>
To: dmarc@ietf.org
Content-Type: multipart/alternative; boundary="0000000000008f945706151f2d98"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/jqRpQzh2d8ISRIiqw4ovOn-ptok>
Subject: Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 Mention of ARC in DMARCbis
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Apr 2024 15:58:48 -0000
On Tue, Apr 2, 2024 at 8:49 AM John Levine <johnl@taugh.com> wrote: > It appears that Murray S. Kucherawy <superuser@gmail.com> said: > >Can you give an example, even if only a hypothetical one? > > I'm not Emmanuel but people at large mail systems have told me that > the biggest value of ARC is to deal with mailing lists that do lousy > spam filtering. Lists often let anything through that has the address > of a subscriber on the From: line. Mail systems see legit lists that > gush spam when some bot starts sending mail to the list with fake > subscriber addresses, because the bot herder is using address pairs > from stolen address books. > > While we all know the reasons that you don't want to enforce DMARC on > the mail coming out of a mailing list, it makes a lot more sense to > enforce it on mail going into a list. You can use ARC to look back and > see if the mail was aligned on the way in and if not treat it as spam. > I think details about the technique to which you're alluding, especially with real world examples, anecdotes, or other data, would be really valuable to publish somewhere, be that in this document or elsewhere. Even just a paragraph that explains what ARC brings that we didn't have before, that can be used to mitigate DMARC damage, would be a step in the right direction. The ARC usage document appears to have been parked and expired, so that advice doesn't seem to exist anywhere now. Is the plan to revive that, now that we appear to have at least one source of experience? -MSK, p11g
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… John Levine
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Scott Kitterman
- [dmarc-ietf] DMARCbis WGLC - Issue 144 Mention of… Todd Herr
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Murray S. Kucherawy
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Emanuel Schorsch
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Emanuel Schorsch
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Alessandro Vesely
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 M… John Levine
- Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 M… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 M… Seth Blank
- Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 M… Murray S. Kucherawy
- Re: [dmarc-ietf] ARC, DMARCbis WGLC - Issue 144 M… Seth Blank
- Re: [dmarc-ietf] DMARCbis WGLC - Issue 144 Mentio… Emanuel Schorsch