IETF Logo Mail Archive

Re: [dmarc-ietf] Call for Adoption: DMARC Use of the RFC5322.Sender Header Field

Alessandro Vesely <vesely@tana.it> Mon, 17 August 2020 11:25 UTC

Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9AF263A14C6 for <dmarc@ietfa.amsl.com>; Mon, 17 Aug 2020 04:25:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.047
X-Spam-Level:
X-Spam-Status: No, score=-3.047 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.949, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xyl8dzkJIRmy for <dmarc@ietfa.amsl.com>; Mon, 17 Aug 2020 04:25:44 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 451FD3A14C0 for <dmarc@ietf.org>; Mon, 17 Aug 2020 04:25:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1597663539; bh=TlNbAEnhbJb9zFKweeDSdBGPLulEP6AkVB0vvrLJQA0=; l=1509; h=To:References:From:Date:In-Reply-To; b=B+zkmFxRXHa9vUNs6djSDsENshfYfI1uFctZIUOYnELjbyepPh00QkIwls62x3YD8 rac57nrZZ7ekqkvHRxB+X28jSFwF3bFFcXBbQebCM9cymYhgAOhhfKCwIIqwvpd8dM suhaszh5A2bBx4YFGjdJV9o2pzlgCBXR11siP0Ovsq25NLBLjb9AbfmpYFLzz
Authentication-Results: tana.it; auth=pass (details omitted)
Received: from [192.168.1.102] ([5.170.69.62]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC042.000000005F3A6932.000078CE; Mon, 17 Aug 2020 13:25:38 +0200
To: dmarc@ietf.org
References: <CAJ4XoYcFbh8-nAxjxzzRgUahFfhcgcZQ2yMF2ewv_-DgUmhL=g@mail.gmail.com> <20200814164237.313071E971DB@ary.local> <CAJ4XoYeqj_5mpZu1PZP4rNfrWRyC5gC-2dfK7oX9xQHiR24QeA@mail.gmail.com> <085c6a5f-5451-ae8c-4873-133673ba1754@tana.it> <CAL0qLwaVUi9QtV4zcCwncuy4N3YPwsGZPzFfd1q19io79UG2VQ@mail.gmail.com> <c1844590-4b12-9763-21c5-6ac5b730321b@tana.it> <6358f3da-806b-f4eb-b9a0-8ee8ce4121d7@dcrocker.net> <4e549ca6-6047-6ff2-325c-fe8d7247e157@tana.it> <c972e0af-b589-1780-47b3-8cb2a2024ec2@dcrocker.net> <13a0ed72-2c5a-8ba6-84ab-b857e29403f1@tana.it> <b5935bde-e8-78ef-ed17-90a1d730aa9d@taugh.com> <8CCCBF0C-8651-4298-BB29-457381655D1D@wordtothewise.com>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <beba49bc-e599-4f5b-72ad-2328938af9da@tana.it>
Date: Mon, 17 Aug 2020 13:25:36 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <8CCCBF0C-8651-4298-BB29-457381655D1D@wordtothewise.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/nKFjqcUnO0XQkjeOY-N1vtDppVk>
Subject: Re: [dmarc-ietf] Call for Adoption: DMARC Use of the RFC5322.Sender Header Field
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Aug 2020 11:25:46 -0000

On Mon 17/Aug/2020 11:46:55 +0200 Laura Atkins wrote:
> 
> The forum page is off the FTC website, but the document links are 
> still accessible:


A copy is here:
https://web.archive.org/web/20120603201012/https://www.ftc.gov/bcp/workshops/e-authentication/

A sentence says:

    The Report, however, identified domain-level authentication as a
    promising technological development that would enable Internet
    Service Providers (‘‘ISPs’’) and other domain holders to better
    filter spam, and that would provide law enforcement with a potent
    tool for locating and identifying spammers.


> https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day1.pdf
> https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day2.pdf
> https://www.ftc.gov/sites/default/files/documents/public_events/ftc-spam-forum/transcript_day3.pdf


Thanks.  Let me quote a paragraph by Paul Q. Judge, from the 3rd pdf:

    It doesn't require that one day everyone turns it on and we begin
    to drop the rest of the e-mail and break e-mail.  If a domain
    decides to turn it on, then they've prevented forgery for their
    domain and they're protected.  For persons that have not turned it
    on, then their e-mail still flows but they are not able to
    stop people from forging messages from their domain.  So, I think
    it's something useful and can be deployed incrementally.


It seems we're still stuck midstream...


Best
Ale
--

v2.23.0 | Report a Bug | By Email