IETF Logo Mail Archive

Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows

Douglas Foster <dougfoster.emailstandards@gmail.com> Sat, 15 April 2023 01:47 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C23D8C14CEE3 for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 18:47:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KV1USeKo38mt for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 18:47:07 -0700 (PDT)
Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57F02C14F73F for <dmarc@ietf.org>; Fri, 14 Apr 2023 18:47:07 -0700 (PDT)
Received: by mail-lf1-x131.google.com with SMTP id 2adb3069b0e04-4ec81779f49so187928e87.3 for <dmarc@ietf.org>; Fri, 14 Apr 2023 18:47:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681523225; x=1684115225; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=vayBi6sWIbGIuOf7iY1ohDJWJJw8DyxKik8L3ovgb0Y=; b=PdjjUAPtAVMTDFJOm9glGOlSfY77qqRmZ1nvvJuJdNDBYeFxh/ULHS2SVElbCXRVr6 q4YhalARBhLgtoCciL1j85UEntxiaf5Q2ffBHF4aXdL+crSoMwntHMQDe7xR79aYwWY4 9iyGlsmcSatOUIowXPhqvW7c7PXlrcgPOf3ZxfoRNP4IH1LwlUPIJdasZAFbCahFVvXr 1sX4uTtSm6mkrk9JwP0UHro69xnI/HdmZFBJLm+vE6/sFa0w0ki6eV7uBaZt6+dtus5U MKtDXLLYBp6of2sHIX5471LykjQ2MiYukBJ1PzBnrgYyN5IKZmJTyz3nHw1TP7U+Vw/d 6Qvg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681523225; x=1684115225; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vayBi6sWIbGIuOf7iY1ohDJWJJw8DyxKik8L3ovgb0Y=; b=ENDiEjwN+scLtFqIyKBLhNih8WCUzANomjFmYD0zvO57/SyFvgQQ+Sz6+JmiSNj9xX MBEellHBO4zFh1vJIouSYCYyMEFHHWU3La9dO6k+6cRj/ae7eqeRVn11xmBDhDtUmayK eiK4m3n1VuiQSkR1ViUQuwESO+52gdmz/qf+Bmwb1qvEC/wTbaDklfTXhgrsMflTXrwU UOjYrNPDg2x/QjkpepCd85AmA3aKGe3jG+pem0JPGpnXVqSHF3jGaSh4LTt7MAQt4MOQ 2pPSfqOPgZXftUQZOz5N/fQFNjt2coqgWgdp5IiHpj55gSBkuTrHHqhNGK4WdIOnbhXx VfVA==
X-Gm-Message-State: AAQBX9fXWBN20N/7AwaM1ozaTCUPjBY/tOtq7eOEwP7C4ZKbrIF3UN6f Pp1tQpOn2fM1k4SoaXbvwUjEZ/zFNV9dOymEYRc=
X-Google-Smtp-Source: AKy350b+HnHm6uRpTFI8TIpCrLTJ0nwNqBmSkx5P5bVl70Zk4Eqro7y6yX6cbya4IAtrv6YSGwAyF0AhI0WgOOKR+9A=
X-Received: by 2002:ac2:428c:0:b0:4eb:3f84:8082 with SMTP id m12-20020ac2428c000000b004eb3f848082mr225589lfh.5.1681523225163; Fri, 14 Apr 2023 18:47:05 -0700 (PDT)
MIME-Version: 1.0
References: <CALaySJ+NBg9vzqa0_t-sBf7EKXQ3A=DTyy-Vc7M-ZK9-vfJxmw@mail.gmail.com> <13603D87-4FDE-4768-9712-E6DB0818C802@kitterman.com> <CALaySJLY-9O1Wauk50WMMobNs3cKUzmB+=np080nYCHEZa32UA@mail.gmail.com> <3129648.WqDQmVRvLn@localhost> <CAJ4XoYe3Z8=G8H6hQFuiMMwfZQt1JvLpK3bQmrtGCz=b-w=CJA@mail.gmail.com> <86E22FA6-759F-40F3-AEA3-119EE90F64A0@kitterman.com> <80086446-effa-7ee2-91c7-1f44449d92fb@tekmarc.com> <CAL0qLwaKO5A_OSjod00msw+8EALOUqYzeXb_aPjVhQ2R1wZKJg@mail.gmail.com> <def03c2f-25ec-d3f1-1ea5-678b16369f61@tana.it> <8D2F4B6A-2E72-4763-8B1F-719236B21D1E@wordtothewise.com> <CAH48ZfxP3F0jueQwsFyXBUojQryO2NOhCZzKxbLiZMHW3h10Zg@mail.gmail.com> <5ABFFAF7-4B03-4CCC-81C2-303A6B6F506E@wordtothewise.com> <f5a510b6-553c-e07c-c249-03a68c3cc60e@tana.it> <899E29E9-71E0-49DC-A3C4-746766C7EC67@wordtothewise.com> <CAJ4XoYftxv21D7mhXdRzg+f4Qo99Y=qcZ+eK5_PvPv62hVbM_A@mail.gmail.com> <CAL0qLwZKNWuFgrLvPfP=qxviYZuiUq1EMaL-QG=xe1AA4_Tg2g@mail.gmail.com>
In-Reply-To: <CAL0qLwZKNWuFgrLvPfP=qxviYZuiUq1EMaL-QG=xe1AA4_Tg2g@mail.gmail.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Fri, 14 Apr 2023 21:46:53 -0400
Message-ID: <CAH48ZfzyeAYBg=eFOw0aHcusDLA=QQ7CTp5P_S5VWwmdQDmqOA@mail.gmail.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: Dotzero <dotzero@gmail.com>, Laura Atkins <laura@wordtothewise.com>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000847b0105f95622f9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/lO8-LZrhA8GTah_Lk4mx1sZlYU0>
Subject: Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 15 Apr 2023 01:47:11 -0000

These decisions are made in the light of ransomware attacks that have shut
down critical social infrastructure like city governments and hospital
systems.

The proceeds from Internet-based fraud are funding groups like Boko Haram
that kidnaps girls into sex slavery, boys into child soldiering, and then
uses their weapons to burn Christians inside their churches.

This is not about money for fat cats, it is about trying to stave off the
darkness.

Unless a mailing list has controls in place to ensure that EVERY post comes
from the asserted participant, it is the height of hypocrisy to ask an
evaluator to assume that the post is from the asserted participant.   IETF
cannot do even the easiest part of that task, so I have no reason to expect
better elsewhere.

Societies depend on trust.   Impersonation in all it's forms undermines
trust.


Doug




On Fri, Apr 14, 2023, 9:17 PM Murray S. Kucherawy <superuser@gmail.com>
wrote:

> On Fri, Apr 14, 2023 at 12:37 PM Dotzero <dotzero@gmail.com> wrote:
>
>> While the you part of "we" may not see any advantages, quite a few
>> financials, greeting card sites, retailers AND many receivers have seen the
>> advantages, including p=reject. One thing I've learned over the years is
>> that it is presumptuous to speak on behalf of "everyone" when you don't
>> actually have their authorization to speak on their behalf. It's kind of
>> like sending email claiming to be from someone else's domain without their
>> permission.
>>
>
> We need to tread carefully here.  Standards are supposed to improve things
> for everyone, not just quite a few financials, greeting card sites,
> retailers AND many receivers.  Presented that way, it sounds a lot like
> we're saying these decisions should be biased in favor of those with
> money.  I know we don't mean that.
>
> -MSK, participating
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email