Re: [dmarc-ietf] Response to a claim in draft-crocker-dmarc-author-00 security considerations

Dotzero <dotzero@gmail.com> Sun, 26 July 2020 23:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/kkDHNHbvDY5IMPS8sJtmkMANEIM>

On Sun, Jul 26, 2020 at 9:42 AM Dave Crocker <dhc@dcrocker.net> wrote:

> On 7/21/2020 12:32 PM, Dotzero wrote:
>
>> The original DMARC effort was, in fact, to detect actual cases of
>> spoofing, namely unauthorized use of a domain name by outside actors.
>>
>> Different problem.
>>
>
> Actually, part of the effort was to enable Sending domains to identify
> their own mail that was being sent without aligned DKIM signing or from
> places not authorized through SPF - in other words, not properly authorized
> but legitimate, hence feedback loops.
>
>
> As I recall, this was /not/ part of the original purpose of DMARC, which
> was discussed strictly in terms of mail from bulk senders.
>
> What you describe was, rather, the basis for the later use, which is what
> then started causing problems for mail going through Mediators.
>

Notice I didn't use the word "users". Many of the sending domains in the
original effort had/have a complex number of mail streams for transactional
mail from multiple domains (in some cases thousands), including through
multiple 3rd parties. This is what I was referring to.

Michael Hammer.