Re: [dmarc-ietf] Issue submission - Mailing list security and potential solutions using DMARC
Joseph Brennan <brennan@columbia.edu> Tue, 15 September 2020 16:02 UTC
Return-Path: <jb51@columbia.edu>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7D87D3A0D74 for <dmarc@ietfa.amsl.com>; Tue, 15 Sep 2020 09:02:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.562
X-Spam-Level:
X-Spam-Status: No, score=-0.562 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_20=1.546, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=columbia.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oKWCptbRxEMC for <dmarc@ietfa.amsl.com>; Tue, 15 Sep 2020 09:02:18 -0700 (PDT)
Received: from mx0b-00364e01.pphosted.com (mx0b-00364e01.pphosted.com [148.163.139.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DDB9A3A0D60 for <dmarc@ietf.org>; Tue, 15 Sep 2020 09:02:17 -0700 (PDT)
Received: from pps.filterd (m0167073.ppops.net [127.0.0.1]) by mx0b-00364e01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 08FFcBMG021211 for <dmarc@ietf.org>; Tue, 15 Sep 2020 12:02:16 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=columbia.edu; h=mime-version : references : in-reply-to : from : date : message-id : subject : to : cc : content-type; s=pps01; bh=zzh+bWJbjtstlAFpDnBb+UZg4JyODnT8YK5x/8Jt4NQ=; b=oVpesjFM8em0vGWqymYigJmzDh2muXqenp9MB4D5vAv+TOF4DeEIE/asNfC7L91lYdcu HmrjDdS8gGFKRLSMqeLeTw6IJSawpfNEbucScd5vmofBmajJhefI8sNznlE7jta5wICU xGqk8SdzCgPe5IGARNTrl2RFfnQn60pYxKlsftBGTMKSpo1gpDrv1+L0WPWokiXl6B41 ftXwJpsKJwakMqlMldQepIeIpsf8CSxT8TfDnJRuF3KseMwC6i2RmwFn1xAucLr3NUyn PgXa0IF5q7gmQmoGmngq1iIZqL6uVqMl2/xVZQS1Bi1O0UFxXVdXH/AwuzaEH8HxULvO nQ==
Received: from sendprodmail12.cc.columbia.edu (sendprodmail12.cc.columbia.edu [128.59.72.20]) by mx0b-00364e01.pphosted.com with ESMTP id 33gt7e2v4v-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <dmarc@ietf.org>; Tue, 15 Sep 2020 12:02:15 -0400
Received: from mail-il1-f200.google.com (mail-il1-f200.google.com [209.85.166.200]) by sendprodmail12.cc.columbia.edu (8.14.4/8.14.4) with ESMTP id 08FG2D6f048256 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT) for <dmarc@ietf.org>; Tue, 15 Sep 2020 12:02:14 -0400
Received: by mail-il1-f200.google.com with SMTP id i80so2908908ild.18 for <dmarc@ietf.org>; Tue, 15 Sep 2020 09:02:13 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=zzh+bWJbjtstlAFpDnBb+UZg4JyODnT8YK5x/8Jt4NQ=; b=iCbmsQf+Ey9l60+IfofuoCqStPj0hxTkvs1ktfhdzxCYoZ7r3RufoB+97ZAjVtv/Jq 240lejkqXNl7oX5311CO/zXNs56D4FRJxrCJutZptAn7jFhijo9UBA0Av2uwTKsoV1fL 1Jcv2/wQAlmoQ2CwxNGgHMJpcmSQfoytRP2U3MEM4NYIfbOP+m0jf+fSMdJRf1sS85G5 VRewplT7IQA7uVxUDBrlebU7/1lNYWKN6z1utfsJbNpgMGO2K66rDJlQHP/MJidRt8HM oUQUjwn0vtV5U9fPKbjAfb6BZ8q0ILbhm+si8fau0gNRxIFU/5hmykTgAiTC35zjZ++t gYvA==
X-Gm-Message-State: AOAM533Imt3/UqzpZNFVa0QEfP9jgz5OG4KwDrP8rpRnRRVegooeiuFJ FXgHfC5v9mFd5pcfed9acvsVkXMP4xMAmlqmiESKSQZoIjYhQ22Odvn9senCUqXRYBdVMx5YN1G 4h5QtTNJ1MUvOQJDYnI9BFSmFnbOjEg==
X-Received: by 2002:a6b:6413:: with SMTP id t19mr15881378iog.193.1600185732690; Tue, 15 Sep 2020 09:02:12 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwHqQ3K5Hu7ZsUoEJt8MDy85HCb+0SUMXfDSZ1vsqSOWEUV/+qST5NJpOvQf4qrXVv788agNqN18rJ+j8tZ138=
X-Received: by 2002:a6b:6413:: with SMTP id t19mr15881351iog.193.1600185732328; Tue, 15 Sep 2020 09:02:12 -0700 (PDT)
MIME-Version: 1.0
References: <CAL0qLwZEDNT+LZDMrzecSuTD794jn0CoXRA5FG=rk6QJXO5Hyg@mail.gmail.com> <20200913025842.1BBDD208C94C@ary.qy> <CAMSGcLDKRMbJ_30jZdKE_6hkKaktwBxU6_E=E=bnK2_CKMNEXw@mail.gmail.com> <rjqo4u$114c$2@gal.iecc.com>
In-Reply-To: <rjqo4u$114c$2@gal.iecc.com>
From: Joseph Brennan <brennan@columbia.edu>
Date: Tue, 15 Sep 2020 12:02:01 -0400
Message-ID: <CAMSGcLDs8Rh5hBvtNWU34e4aTT0xnjEMGYdgC322Jfg-tsMGLg@mail.gmail.com>
To: John Levine <johnl@taugh.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000268b7905af5c46f5"
X-CU-OB: Yes
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-09-15_11:2020-09-15, 2020-09-15 signatures=0
X-Proofpoint-Spam-Details: rule=inbound_notspam policy=inbound score=0 bulkscore=10 priorityscore=1501 spamscore=0 lowpriorityscore=10 suspectscore=2 clxscore=1015 mlxscore=0 mlxlogscore=999 adultscore=0 malwarescore=0 impostorscore=10 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2006250000 definitions=main-2009150128
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/k8crG7F2DVU3hOXNmPmf6vueUV8>
Subject: Re: [dmarc-ietf] Issue submission - Mailing list security and potential solutions using DMARC
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Sep 2020 16:02:19 -0000
On Tue, Sep 15, 2020 at 11:55 AM John Levine <johnl@taugh.com> wrote: > In article <CAMSGcLDKRMbJ_30jZdKE_6hkKaktwBxU6_E=E= > bnK2_CKMNEXw@mail.gmail.com>, > Joseph Brennan <brennan@columbia.edu> wrote: > >"Domain administrators must not apply dmarc authentication to domains > >from which end users send mail that may be re-sent via lists or > >automatic forwarding." -- done. Then dmarc will be simple and > >reliable, and bank statements and similar messages are protected as > >intended. Building in a standard workaround significantly weakens the > >whole concept, doesn't it? > > Unfortunately, we have ample evidence that domain operators will > ignore that advice. > > According to someone who was in the room when Yahoo flipped the > switch, the person in charge said words to the effect that I know this > will screw up everyone's mailing lists and I don't care. > > The irony is, the result being to diminish the effectiveness of dmarc for everybody. Joseph Brennan Lead, Email and Systems Applications Columbia University Information Technology
- [dmarc-ietf] Issue submission - Mailing list secu… Douglas E. Foster
- Re: [dmarc-ietf] Issue submission - Mailing list … Alessandro Vesely
- Re: [dmarc-ietf] Issue submission - Mailing list … Dotzero
- Re: [dmarc-ietf] Issue submission - Mailing list … Douglas E. Foster
- Re: [dmarc-ietf] Issue submission - Mailing list … Murray S. Kucherawy
- Re: [dmarc-ietf] Issue submission - Mailing list … Murray S. Kucherawy
- Re: [dmarc-ietf] Issue submission - Mailing list … John Levine
- Re: [dmarc-ietf] Issue submission - Mailing list … Joseph Brennan
- Re: [dmarc-ietf] Issue submission - Mailing list … John Levine
- Re: [dmarc-ietf] Issue submission - Mailing list … Joseph Brennan
- Re: [dmarc-ietf] Issue submission - Mailing list … Alessandro Vesely
- Re: [dmarc-ietf] Issue submission - Mailing list … Dotzero
- Re: [dmarc-ietf] Issue submission - Mailing list … Joseph Brennan
- Re: [dmarc-ietf] Issue submission - Mailing list … Doug Foster
- Re: [dmarc-ietf] Issue submission - Mailing list … Alessandro Vesely