Re: [dmarc-ietf] Email security beyond DMARC?
DAMY gustavo <gustavo.DAMY@upu.int> Wed, 20 March 2019 09:34 UTC
Return-Path: <gustavo.DAMY@upu.int>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 12740131095
for <dmarc@ietfa.amsl.com>; Wed, 20 Mar 2019 02:34:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=upu.int
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id GwoqaCZCFgSl for <dmarc@ietfa.amsl.com>;
Wed, 20 Mar 2019 02:33:57 -0700 (PDT)
Received: from mgw3.upu.int (mgw3.upu.int [193.247.49.9])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id A86FD1274A1
for <dmarc@ietf.org>; Wed, 20 Mar 2019 02:33:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
d=upu.int; i=@upu.int; q=dns/txt; s=default;
t=1553074433; x=1584610433;
h=from:to:subject:date:message-id:references:in-reply-to:
content-transfer-encoding:mime-version;
bh=ldUPEBJ/04FyFhIzw7iNgJzm4baRB/aBy7ih2owQgso=;
b=OVAR5fEbsBQ5Iy92pkeva8hfd8tACiBMH5imgs45FsK4Wve4Rn2Sxd1V
hWIgCoN3A5HwHip2DmwHGki2Q5D5oE4Kmq+VYLjvza9j6EHWrnSIdh3eU
iRWcJ+15Pnkjoxj6sqePuFGBxLaJe+CgrvinaJcRKXhoKGD6JI4BtKibN
GWaIGXTFo19ehtJPmJnTP2u5D5HoABlTYSPoaBA3+JC50v1IKKa9B4GId
NWtsyl5AyT24Tiwv7ENkZfCB7sWrV9Qenk29xvQ2rN2+Ns84jzqu4p/aC
KN17v94KtZ/cyYi4KzMxZQd56GUBgbkP+6CDZwhNjEI16iFfxxX1dWtvh A==;
Authentication-Results: mgw3.upu.ch;
spf=Pass smtp.mailfrom=gustavo.DAMY@upu.int;
spf=None smtp.helo=postmaster@PEXC02.upu.ch
Received-SPF: Pass (mgw3.upu.ch: domain of gustavo.DAMY@upu.int
designates 193.247.55.161 as permitted sender)
identity=mailfrom; client-ip=193.247.55.161;
receiver=mgw3.upu.ch; envelope-from="gustavo.DAMY@upu.int";
x-sender="gustavo.DAMY@upu.int"; x-conformance=spf_only;
x-record-type="v=spf1"; x-record-text="v=spf1
ip4:193.247.55.160/32 ip4:193.247.55.161/32
ip4:80.80.227.166/32 ip4:193.247.63.15/32
+a:erecruit.noreply.upu.int +mx -all"
Received-SPF: None (mgw3.upu.ch: no sender authenticity
information available from domain of
postmaster@PEXC02.upu.ch) identity=helo;
client-ip=193.247.55.161; receiver=mgw3.upu.ch;
envelope-from="gustavo.DAMY@upu.int";
x-sender="postmaster@PEXC02.upu.ch"; x-conformance=spf_only
IronPort-SDR: kJUv8wLpqWELbts8Cl7q1R7PL8efKlrsNXKaP64Sp/OU7sQjfH7RNkgogphfoSyfoSaa0IaJDC
8EIZAZoLA5AdYHYT0mcpijCIznug1BtBQ1W3NseHLsC5yATaUzseSLciicb0EPq0k52YdOOIkV
HfO/S39HefgA9w9ty+5gtA06iRJgYBI54Qau20S2D63+WjjNmdy5vhiup3Ex5kY0z1TYp7j/jg
JAH6cSe2QesrGygo3yn1kEJ3JJ8q+1td6j2zUsMgTFCaG7SZTtJwuVN4bMN8vmsIBGqGxejUaP
/N0=
X-IronPort-AV: E=Sophos;i="5.60,248,1549926000";
d="scan'208";a="1860181"
Received: from PEXC01.upu.ch (2002:c1f7:37a0::c1f7:37a0) by PEXC02.upu.ch
(2002:c1f7:37a1::c1f7:37a1) with Microsoft SMTP Server (TLS) id 15.0.1130.7;
Wed, 20 Mar 2019 10:33:46 +0100
Received: from PEXC01.upu.ch ([fe80::28c1:e4c1:2f2e:11fc]) by PEXC01.upu.ch
([fe80::28c1:e4c1:2f2e:11fc%13]) with mapi id 15.00.1130.005; Wed, 20 Mar
2019 10:33:46 +0100
From: DAMY gustavo <gustavo.DAMY@upu.int>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] Email security beyond DMARC?
Thread-Index: AQHU3b0Xv/AeslasNkiUwE096qOcBKYTO0Dw///6sgCAAAU7gIAA+KSQ
Date: Wed, 20 Mar 2019 09:33:45 +0000
Message-ID: <8e26770d45b14816b3a5b9da33acf83a@PEXC01.upu.ch>
References: <1dc451a973a8443a87d37b6e5c41fe38@bayviewphysicians.com>
<alpine.DEB.2.20.1903181355520.5419@softronics.hoeneisen.ch>
<90b936ec488f41108bc4e528eb7933f6@PEXC01.upu.ch>
<002a01d4de81$18ac27b0$4a047710$@bayviewphysicians.com>
<alpine.DEB.2.20.1903191935400.4731@softronics.hoeneisen.ch>
In-Reply-To: <alpine.DEB.2.20.1903191935400.4731@softronics.hoeneisen.ch>
Accept-Language: en-GB, fr-CH, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.22.0.30]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/rT7FG1Y8C6bFp1Kk6OKFEBuIo6Y>
Subject: Re: [dmarc-ietf] Email security beyond DMARC?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting,
and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>,
<mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>,
<mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2019 09:34:00 -0000
OK thank you Bernie, But pEp is also based on MIME (which requires trust on at least one centralized CA which falls into the centralized infrastructure isn't it ?) And yes I agree bad guys could use this as well (but probably they already do it anyway) so through pEp + DMARC it wouldn't be even safer to exchange messages finally an easy way to have End to end encryption using open protocols for webmail (and not just rely on existing APPS/SW) implementations? At the end you have to trust someone and that could be linked to existing DMARC DNS records? Regards Gustavo -----Original Message----- From: 'Bernie Hoeneisen' <bernie@ietf.hoeneisen.ch> Sent: Tuesday, March 19, 2019 7:44 PM To: Doug Foster <fosterd@bayviewphysicians.com> Cc: DAMY gustavo <gustavo.DAMY@upu.int>nt>; dmarc@ietf.org Subject: Re: [dmarc-ietf] Email security beyond DMARC? Dear Doug / Damy There is no direct connection between pEp and DMARC, as pEp is not relying on centralized infrastructure. cheers Bernie On Tue, 19 Mar 2019, Doug Foster wrote: > Can one of you elaborate on the potential connection between PeP and DMARC, > or more generally, the connection beteen PeP and spam filtering? > > -----Original Message----- > From: dmarc [mailto:dmarc-bounces@ietf.org] On Behalf Of DAMY gustavo > Sent: Tuesday, March 19, 2019 2:03 PM > To: dmarc@ietf.org > Cc: Bernie Hoeneisen > Subject: Re: [dmarc-ietf] Email security beyond DMARC? > > Very useful links Bernie, thanks for the info. > I wonder if this working group will eventually will make reference to the > concept of PeP protocol to reinforce the usage of DMARC you are mentioning > below? > > Best Regards > Gustavo Damy > > > -----Original Message----- > From: Bernie Hoeneisen <bernie@ietf.hoeneisen.ch> > Sent: Monday, March 18, 2019 1:58 PM > To: Douglas E. Foster <fosterd@bayviewphysicians.com> > Cc: dmarc@ietf.org > Subject: Re: [dmarc-ietf] Email security beyond DMARC? > > Hi Doug > > On Sat, 16 Mar 2019, Douglas E. Foster wrote: > >> I tried to understand what IETF is doing about email security, and >> this working group seems to be the only surviving effort. Based on >> the index, the groups attention is focused on polishing the existing >> DMARC implementaton rather than plowing new territory. Given the >> devastating effect of WannaCry and the success of other email-based >> attacks, I think our work is far from finished. > > You may want to have a look on some upcoming work. We just started a new > mailing list, which includes the topic of email security: > > MEDUP -- Missing Elements for Decentralized and Usable Privacy > > To subscribe: > > - https://www.ietf.org/mailman/listinfo/medup > > Please find more information on: > > - https://mailarchive.ietf.org/arch/msg/medup/mbrbhFekt_srXShzpCa4RiXgPbY > > - https://mailarchive.ietf.org/arch/msg/pearg/oBjgAwG3_eoR6tpLQGTE_9OggzQ > > The former also includes a list of Internet-Drafts describing the MEDUP > challenges. > > > Please be also informated that the LAMPS WG has requested a new work item on > email header protection to be added to its charter. > > > Hope that helps! > > Best, > Bernie > > -- > > http://ucom.ch/ > Modern Telephony Solutions and Tech Consulting for Internet Technology > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
- [dmarc-ietf] Email security beyond DMARC? Douglas E. Foster
- Re: [dmarc-ietf] Email security beyond DMARC? Grant Taylor
- Re: [dmarc-ietf] Email security beyond DMARC? Dave Crocker
- Re: [dmarc-ietf] Email security beyond DMARC? Bernie Hoeneisen
- Re: [dmarc-ietf] Email security beyond DMARC? DAMY gustavo
- Re: [dmarc-ietf] Email security beyond DMARC? Doug Foster
- Re: [dmarc-ietf] Email security beyond DMARC? John Levine
- Re: [dmarc-ietf] Email security beyond DMARC? 'Bernie Hoeneisen'
- Re: [dmarc-ietf] Email security beyond DMARC? DAMY gustavo
- Re: [dmarc-ietf] Email security beyond DMARC? Bernie Hoeneisen
- Re: [dmarc-ietf] Email security beyond DMARC? Bernie Hoeneisen
- Re: [dmarc-ietf] Email security beyond DMARC? Dave Crocker
- Re: [dmarc-ietf] Email security beyond DMARC? Grant Taylor
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? DAMY gustavo
- Re: [dmarc-ietf] Email security beyond DMARC? Dotzero
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? Ken Simpson
- Re: [dmarc-ietf] Email security beyond DMARC? John R Levine
- Re: [dmarc-ietf] Email security beyond DMARC? Ken Simpson
- Re: [dmarc-ietf] Email security beyond DMARC? Dave Crocker
- Re: [dmarc-ietf] Email security beyond DMARC? Doug Foster
- [dmarc-ietf] SPF / Re: Email security beyond DMAR… Дилян Палаузов