Re: [dmarc-ietf] DMARC'ed reports, was Forensic report loops are a problem
Michael Thomas <mike@mtcc.com> Tue, 02 February 2021 02:33 UTC
Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D6183A169B for <dmarc@ietfa.amsl.com>; Mon, 1 Feb 2021 18:33:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.751
X-Spam-Level:
X-Spam-Status: No, score=-1.751 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3lYNp1xdyo0s for <dmarc@ietfa.amsl.com>; Mon, 1 Feb 2021 18:33:43 -0800 (PST)
Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 805733A1690 for <dmarc@ietf.org>; Mon, 1 Feb 2021 18:33:43 -0800 (PST)
Received: by mail-pl1-x632.google.com with SMTP id g3so11618027plp.2 for <dmarc@ietf.org>; Mon, 01 Feb 2021 18:33:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=RiqRe63PcvOLbDsDxCxNA86eAThR7IsHAMgUx4IjVPM=; b=JTK8KvE/eZ+vr386AkSOeBaBnydrCDL+7/dIiiW7LEdbRvGMnXfoznTYUaB9JxyHQB 7fJamwypNzoTp+VGr/+0RPFtSSTor6tle+q6CBEWzwrBtUsB7Ro2ZOO3Bnm2fST3mmKr t415OQxjTtBrnFUvc1Qh5wDFY9VbvjxV+UBUrVRNJBIaTevqoIQ3pdE3DXlwpCZ4l8+C q9wHwhd4m8jqfR2/uQmYXeFCkhG9yGbU04ED9Tnbn6zwib9W7/G/s6TyJSmontF9IOwy Q/Fhw+i955lvN8hd7HorkaYFiMtmQGrojkxiqdYypmXroIjKbEI/VyqWI7CRjE2ZVJ1y j+ig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=RiqRe63PcvOLbDsDxCxNA86eAThR7IsHAMgUx4IjVPM=; b=o9e2iOAqikOcFMjX5ZwBWlJje/pXMMGt9RDDm30OyKYurF7CCKqRX37mmLrt1Gtq3d iLKxudXWojS95AkONsilM/MkKBBIa6zfqeQO1tIuCnmeLZJHrYyKZTrvxIQwwrps1y/m Un3dkQas6y4Gyw2aERI13UF+J+e7zoaMNPgmR726wbCJvdRa5TsXA561yBg4YzuIfeK1 Z1lQ66eZaQuFV3Xomyk8AnmEavkjqW3zZqgioX8bVrD3gyHPjHLVPvvyrwFSuIn1ZOzo aXZNK7YOhAk4aFWUg2dMRHAIcGHPikSfrQMkGZmq4gOaf86fVN/PrCjXOBMjF7qSvM+S u6TA==
X-Gm-Message-State: AOAM530z92ofuqCrmuOdMMM8VCdtf4zV1glx1HpfcrgE1+05DYEdvdin tQAiorSYcYGZfpXIwuHYhBL//3fmfK5hKg==
X-Google-Smtp-Source: ABdhPJx2sRR1Mm9+eTOsRFou7id4qjXnMcLrHkaA8doOLt5bS8nXNB74Utw2iywcNzry3mb9XxofAw==
X-Received: by 2002:a17:90a:4548:: with SMTP id r8mr1910294pjm.16.1612233222508; Mon, 01 Feb 2021 18:33:42 -0800 (PST)
Received: from mike-mac.lan (107-182-37-188.volcanocom.com. [107.182.37.188]) by smtp.gmail.com with ESMTPSA id i9sm19737145pfo.146.2021.02.01.18.33.41 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 01 Feb 2021 18:33:41 -0800 (PST)
To: Dave Crocker <dcrocker@gmail.com>, dmarc@ietf.org
References: <20210201232105.1931D6D20971@ary.qy> <41163cd5-be81-6fd7-07dd-7a474874429e@gmail.com> <92b361a1-d9a5-9389-46b-3725d885c02@taugh.com> <b83c7574-3aa9-bd39-1a9b-3be6fa4f47ec@gmail.com> <f28780c0-8533-3a49-d5e3-99fcbbb446ed@mtcc.com> <554d5bd4-8a62-15d2-8f71-aa942c17e654@gmail.com> <18dbfe7b-3f74-69bd-fa54-7f9b1fb66557@mtcc.com> <1babf085-abd2-fc76-3167-231ef7e9fada@gmail.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <bb6d4047-e51a-48a5-3e23-3e03c7a73ce1@mtcc.com>
Date: Mon, 01 Feb 2021 18:33:40 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <1babf085-abd2-fc76-3167-231ef7e9fada@gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/qRbLzbxSR1_nJ2J00NontjijNNw>
Subject: Re: [dmarc-ietf] DMARC'ed reports, was Forensic report loops are a problem
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Feb 2021 02:33:44 -0000
On 2/1/21 6:24 PM, Dave Crocker wrote: > On 2/1/2021 6:13 PM, Michael Thomas wrote: >> Because we all know how well unauthenticated data worked out for >> email. I fail to see why anybody would be in favor of digesting >> unauthenticated data when the method of authenticating it is trivial >> and well known. It's an extraordinary claim that needs to be backed >> up. But you don't need to convince me; you need to convince the >> security AD's and cross area reviewers. > > > DMARC has been deployed for 6 or 7 years. Where is this onerous abuse > on reporting that you feel is inevitable? Email was around for 20 years until spam became a problem. We know how this plays out: bad guys do the least amount of work possible until they have to react. When it becomes a barrier as p=reject does, they take action to protect their turf. Plugging an obvious security hole with a well known and trivial set of authentication mechanisms to prevent forgery should be the default posture. Anybody who is against that needs to explain in depth why it should not be the case. Especially since it's part of DMARC now. Mike, security related specs thumbing their nose at security is a very peculiar stance.
- [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Steven M Jones
- Re: [dmarc-ietf] Forensic report loops Juri Haberland
- Re: [dmarc-ietf] Forensic report loops Дилян Палаузов
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops John Levine
- Re: [dmarc-ietf] Forensic report loops Kurt Andersen (b)
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Douglas Foster
- Re: [dmarc-ietf] Forensic report loops Дилян Палаузов
- Re: [dmarc-ietf] Forensic report loops are not a … John Levine
- Re: [dmarc-ietf] Forensic report loops are not a … Douglas Foster
- Re: [dmarc-ietf] Forensic report loops are not a … Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are not a … John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Juri Haberland
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Steven M Jones
- Re: [dmarc-ietf] Forensic report loops are a prob… Steven M Jones
- Re: [dmarc-ietf] Forensic report loops are a prob… Douglas Foster
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] report floods, not Forensic repo… John R Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Douglas Foster
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Dotzero
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Dotzero
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… John R Levine
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Douglas Foster
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Seth Blank
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Alessandro Vesely
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John R Levine