Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

Laura Atkins <laura@wordtothewise.com> Mon, 04 January 2021 12:22 UTC

Return-Path: <laura@wordtothewise.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 663AD3A0C97 for <dmarc@ietfa.amsl.com>; Mon, 4 Jan 2021 04:22:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.198
X-Spam-Level:
X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wordtothewise.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7TPWvBKfeGtM for <dmarc@ietfa.amsl.com>; Mon, 4 Jan 2021 04:22:34 -0800 (PST)
Received: from mail.wordtothewise.com (mail.wordtothewise.com [104.225.223.158]) by ietfa.amsl.com (Postfix) with ESMTP id 7BBC03A0C9D for <dmarc@ietf.org>; Mon, 4 Jan 2021 04:22:25 -0800 (PST)
Received: from [192.168.0.227] (unknown [37.228.231.27]) by mail.wordtothewise.com (Postfix) with ESMTPSA id 3A85F9F149 for <dmarc@ietf.org>; Mon, 4 Jan 2021 04:22:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wordtothewise.com; s=aardvark; t=1609762943; bh=A6VQz5oSm2zwMr4FD2JDLW6SZx+N2cm3oafGZADECSU=; h=From:Subject:Date:References:To:In-Reply-To:From; b=lkjK58l8B7aaxZUbaaNq8EFLQUrphyJyXebiuui3VT4XbvKVuyG9xl0Uo0fOl5yk7 0wk7qL1aX9fxKxesBPoinyJe0OIIAOpiyMcQmjUdb0rK/qNwEkddl84ckE74ww5GSp uI7oC+aHmJ+0JV2129dlC+HjhZX0f2gSfrWlqQKU=
From: Laura Atkins <laura@wordtothewise.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_8291518E-6B28-4292-8DB4-81C9A515E899"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\))
Date: Mon, 04 Jan 2021 12:22:20 +0000
References: <20201231160030.20AFB3EE7AD7@ary.qy> <4bd444a4-0c34-467a-cfcb-a8f7c14b723d@tana.it> <b030d1f-44d4-4330-eb17-c930eb968be2@taugh.com> <CAH48ZfzDkz4iS2k-+8_-zW-y4m+c1dhRMvPQZmpbLLG2KY0eGA@mail.gmail.com> <64c4ebd3-4e06-e12e-d072-7ae2562cf4e1@tana.it> <CAH48ZfzVkO_oxY1SjeWTqH9oUxHJaAsU2XKBZx-CQ9U0Ba8N0w@mail.gmail.com> <CAH48Zfwkxbi7pmmY15DKSRyCgc82jEUJ8hHRtvAQ9J3yJHy6_A@mail.gmail.com> <c3aef9ac-c7f9-e129-b71f-33f611237f9a@tana.it>
To: IETF DMARC WG <dmarc@ietf.org>
In-Reply-To: <c3aef9ac-c7f9-e129-b71f-33f611237f9a@tana.it>
Message-Id: <123E18E2-71AB-4946-B886-A12A735AA1AC@wordtothewise.com>
X-Mailer: Apple Mail (2.3608.120.23.2.4)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/qCe1HIabpnqrdf8HuwBPwi8njbA>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Jan 2021 12:22:36 -0000


> On 4 Jan 2021, at 11:50, Alessandro Vesely <vesely@tana.it> wrote:
> 
> 
> 
>> Let's define "legitimate mail" as used in my proposed text to mean "delivery
>> is desired by the intended recipient and the message contains nothing that
>> threatens the interest of the user, the interest of the user's network, or
>> the policies of the user's organization."   Perhaps this is too
>> restrictive, because it excludes advertising which is harmless in its
>> intent but unwanted by the recipient.
> 
> 
> Having advertisements come /From: advertiser/ is a goal.

Yes. 

[snip]

>> Email evaluation products need to handle all possible scenarios.  This
>> includes
>> - forwarded and not forwarded
>> - with and without SMTP rewrite
>> - with and without modification.
>> - with and without From rewrite
>> - with and without ARC sets
>> - whether the email header chain is accurately documented or fraudulently fabricated.
> 
> Girl Scout troops will inevitably fall in the not forwarded category.  ESP messages, instead, should come /From: ESP/.

This is incompatible with the above goal of having advertisements come from the advertiser. 

I find it highly problematic that we’re teaching recipients that they get official mail from companies that come from an address that is not connected to the company at all. It further devalues the 5322.from and means that recipients cannot trust the domains that they see there. This is even more true when the domain is one they’ve never heard of and passes all of the checks and comes in with a ‘verified by DMARC.’ 

There is absolutely nothing stopping a phisher from taking advantage of this. In fact, phishers currently do send DMARC verified email where the domain in the 5322.from is unrelated to the links in the message or to the domain being phished. 

This seems to me to be a step along the path of making DMARC irrelevant by teaching recipients that mail with a 5322.from address they don’t recognize is legitimate email. 
 
laura 

-- 
Having an Email Crisis?  We can help! 800 823-9674 

Laura Atkins
Word to the Wise
laura@wordtothewise.com
(650) 437-0741		

Email Delivery Blog: https://wordtothewise.com/blog
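The message above makes a point that is easy to get wrong in filtering code: a DMARC pass only establishes that the 5322.From domain authorised the message, not that the domain is the brand a recipient will read it as. The following is an added example, not code from this thread or from any DMARC implementation, showing how a receiver-side evaluator can keep those two questions separate: it reads the dmarc= result from a trusted Authentication-Results header, extracts the link hostnames from the body, and reports whether any of them belong to a different organisational domain than the From. The sample messages, domains and the Authentication-Results header are all constructed, and the organisational-domain function is a deliberate simplification (real code must consult the Public Suffix List).

```python
import email
import email.utils
import re
from email import policy
from urllib.parse import urlparse


def org_domain(host: str) -> str:
    """Organisational domain of a hostname.

    Simplification for the example: the last two labels. A production
    evaluator must use the Public Suffix List, as DMARC alignment does.
    """
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def from_domain(msg) -> str:
    """Domain part of the RFC 5322 From address."""
    addr = email.utils.parseaddr(msg["From"])[1]
    return addr.rsplit("@", 1)[-1].lower()


def dmarc_result(msg) -> str:
    """dmarc= result from Authentication-Results (assumed stamped by our own MX)."""
    ar = msg.get("Authentication-Results", "")
    m = re.search(r"\bdmarc=(\w+)", ar)
    return m.group(1).lower() if m else "none"


def link_domains(body: str) -> set:
    """Hostnames of all http(s) URLs found in the body text."""
    hosts = set()
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        host = urlparse(url.rstrip(".,)")).hostname
        if host:
            hosts.add(host.lower())
    return hosts


def assess(raw: str) -> dict:
    """Separate 'DMARC passed' from 'the From domain matches what the message
    points at'. A pass with unrelated link domains is exactly the case the
    thread warns about: authenticated, but not from the brand it imitates."""
    msg = email.message_from_string(raw, policy=policy.default)
    fd = from_domain(msg)
    body = msg.get_body(preferencelist=("plain",)).get_content()
    unrelated = {h for h in link_domains(body) if org_domain(h) != org_domain(fd)}
    result = dmarc_result(msg)
    return {
        "from_domain": fd,
        "dmarc": result,
        "unrelated_link_domains": sorted(unrelated),
        # Only treat the message as verified for the brand when DMARC passed
        # AND every link stays within the From organisational domain.
        "verified_brand": result == "pass" and not unrelated,
    }


# Constructed sample 1: aligned From and links, DMARC pass.
ALIGNED = (
    "From: Example Bank <alerts@example-bank.test>\n"
    "To: user@example.test\n"
    "Subject: Statement ready\n"
    "Authentication-Results: mx.example.test; dmarc=pass header.from=example-bank.test\n"
    "\n"
    "Your statement is at https://login.example-bank.test/statements now.\n"
)

# Constructed sample 2: DMARC passes for a domain nobody has heard of, while
# the body points at a different organisation entirely.
LOOKALIKE = (
    "From: Example Bank Security <notice@mail-notify.test>\n"
    "To: user@example.test\n"
    "Subject: Verify your account\n"
    "Authentication-Results: mx.example.test; dmarc=pass header.from=mail-notify.test\n"
    "\n"
    "Please confirm at https://example-bank.test.login-verify.test/confirm within 24 hours.\n"
)

if __name__ == "__main__":
    for name, raw in (("aligned", ALIGNED), ("lookalike", LOOKALIKE)):
        print(name, assess(raw))
```

The useful output is the combination: the lookalike sample reports dmarc=pass and verified_brand=False, which is the signal a filter or a user-facing "verified" badge should key on, rather than the DMARC result alone.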