IETF Logo Mail Archive

Re: [dmarc-ietf] Mandatory Sender Authentication

Seth Blank <seth@sethblank.com> Mon, 03 June 2019 14:12 UTC

Return-Path: <seth@sethblank.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A74AE120251 for <dmarc@ietfa.amsl.com>; Mon, 3 Jun 2019 07:12:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=sethblank-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1ed23Th6gprB for <dmarc@ietfa.amsl.com>; Mon, 3 Jun 2019 07:12:28 -0700 (PDT)
Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com [IPv6:2607:f8b0:4864:20::535]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 997E912024F for <dmarc@ietf.org>; Mon, 3 Jun 2019 07:12:28 -0700 (PDT)
Received: by mail-pg1-x535.google.com with SMTP id n2so8349675pgp.11 for <dmarc@ietf.org>; Mon, 03 Jun 2019 07:12:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sethblank-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=cNzgDHaoiXjAGtsBB+cfD6cB7TxhhQsRD3+0+RWoGj8=; b=rUlLOmlpoDD4YNW2Pm+J9uBQFmUi8FhMRG39lq2AnLR4u0uGZISWpmuXI+8uJLl2ht 4s+3MDba9UbCn3uW6/Bz6A5Sb4LMHRMvhVf1MNYuZh4eW3d/3mOZDyiEbyd9r7ScgljV y3bE+W7PtIoA6/mp9pUytKSxNhWr4hEihgz2KDPX0ibUKIjpiIBwfW/0bljfguFPuLiv 7MRL89ROKXlmjMPl2oVYkd/dTeKnk+3W8hvasA32Ezu5o6N2z+z1IitOsBeF+bhycdsZ 2slFd1/msmhymM+NQMcP/+jigmdD/gwU0Vf+QIMlBvz7knhk5pLeVbx6/Ex636XV5XxP Nl8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=cNzgDHaoiXjAGtsBB+cfD6cB7TxhhQsRD3+0+RWoGj8=; b=iHRi9lriQqJw2XpeZPk9XQUin7WzFcUVaaeHFL4xEh0kzSgmggvfqBwgi+z7P/mMFO YKKVqE1LAHXfMfZlyR18br0rB47G9vqyBBCELKRe5IcoeMLo0rh1n08V1ONG1SajfKEx 5Z2Dfm16Hp0Zm5ZdADFevrx2xh48Jyr5IuJf2qD23RGvf+CNDMU7MNnaJgpN/BGM+wrF +So2G+fLbELmA6QWRIT/4OeXKsNlGe4eGdREwL/+gG7cVW0PK7QCKKF3c4vCpOxilfOX jrV8RBCBo1pUvcsBipTDH4Tl1XDfJBYw+BC+jBCQnRDj6dQSDeTYQQpfgGsRrGMcm5Dn SP7Q==
X-Gm-Message-State: APjAAAWRa8zCVyWIEvh1mE4S2M52trRpRnIevL8M+9SZrlth5mHRWymF 4Z/9+G5q0k4I6bGXAb25xG6X86Vn9hMJCIzl9bdPsqLPUNX136FI
X-Google-Smtp-Source: APXvYqwAO+2tAgkq57xL8jJZs3TmGrqoRBlGVki5fd2+48quWQthK/KJck8q9kIHkOYGDZG2Ct9XirAPFIf5zYYlGNQ=
X-Received: by 2002:a63:f44f:: with SMTP id p15mr28335763pgk.65.1559571146719; Mon, 03 Jun 2019 07:12:26 -0700 (PDT)
MIME-Version: 1.0
References: <e5ee6809b78b45ea937105f86d84f499@bayviewphysicians.com>
In-Reply-To: <e5ee6809b78b45ea937105f86d84f499@bayviewphysicians.com>
From: Seth Blank <seth@sethblank.com>
Date: Mon, 03 Jun 2019 16:12:10 +0200
Message-ID: <CAD2i3WNFSiJGg+3jh98-a4Tn=uFh0iLxtdrS62C6bVOLZ0Pq3w@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000343045058a6bf46c"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/tCE8Yi1UWoeeAsKz7mbwSTP4gDE>
Subject: Re: [dmarc-ietf] Mandatory Sender Authentication
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Jun 2019 14:12:30 -0000

On Mon, Jun 3, 2019 at 3:59 PM Douglas E. Foster <
fosterd@bayviewphysicians.com> wrote:

> Our real goal needs to be mandatory sender authentication.    Any secure
> email gateway must go through these steps:
>

Our goal is defined in our charter:
https://datatracker.ietf.org/doc/charter-ietf-dmarc/


>
>    1. Source Analysis:  Filter message from unwanted sources
>    2. Sender Authentication:  Filter messages that are attempting
>    impersonation
>    3. Content Analysis:  Filter messages with unwanted content
>
>
1 and 3 are out of scope for this group's work. For 2, DMARC, and tweaks to
SPF and DKIM to support DMARC, and this group's focus. Right now, we're
working on a standards track version of DMARC.

To your notes about sender authentication needing to become mandatory, do
you have any recommendations on items that make this difficult for senders
that should be addressed as part of the DMARCbis process? We had a call for
these items that closed on 5/24, but welcome other feedback.

Seth

v2.23.0 | Report a Bug | By Email