IETF Logo Mail Archive

Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal

Richard Clayton <richard@highwayman.com> Wed, 14 June 2023 22:13 UTC

Return-Path: <richard@highwayman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79F8CC15109C for <dmarc@ietfa.amsl.com>; Wed, 14 Jun 2023 15:13:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=highwayman.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9pHe5TouZ0pu for <dmarc@ietfa.amsl.com>; Wed, 14 Jun 2023 15:13:07 -0700 (PDT)
Received: from mail.highwayman.com (mail.highwayman.com [82.69.6.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E543CC151071 for <dmarc@ietf.org>; Wed, 14 Jun 2023 15:13:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=highwayman.com; s=rnc1; h=Content-Transfer-Encoding:Content-Type: MIME-Version:In-Reply-To:References:Subject:From:To:Date:Message-ID:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=SZp9KA+GiyHhHslu6GVL6VeXK+nSjKByUa40sa55yD0=; t=1686780787; x=1687644787; b=pSQXqd+47Mcli84Saap7gwXV15Fvpwtv7d6GMDGuJcDygRezVJFsfMx5UU2sKuhYqzaPEz49e2D 2cwBTS83CKG6kfDp9ADbIeIbC79qugIH5sePOIjoK+F8pdD/jqA1jOEFM1KmVeZ2jClULfr7ve2Qu WZiesU5skjRB0muS/U2cN1X//H209LQxLY7N2gZX48lF/mV2E5C1VGsLfe0SxmfwlsQ0BU5IxYeSs prelckIhKQ0eOh1AlQdTpjOGI86Dk4WXeOrCDalF2XGmBLoZbQf3UMWUS8yLChrd8lSmr42WB+gWJ vp+x92cb+7Ebg6ez+b7Xhl6Ujc8qymkPWX3w==;
Received: from localhost ([127.0.0.1]:12140 helo=happyday.al.cl.cam.ac.uk) by mail.highwayman.com with esmtp (Exim 4.95) (envelope-from <richard@highwayman.com>) id 1q9Yjg-000O1a-LJ for dmarc@ietf.org; Wed, 14 Jun 2023 22:13:04 +0000
Message-ID: <9Fdsn0CQsjikFA9E@highwayman.com>
Date: Wed, 14 Jun 2023 23:11:28 +0100
To: IETF DMARC WG <dmarc@ietf.org>
From: Richard Clayton <richard@highwayman.com>
References: <30BB83B2-B454-41B8-992B-8E2569802D9C@1und1.de> <D225D7FC-C570-4B63-A694-9F16DB1F33E1@kitterman.com> <CALaySJKwuOK-81dW2H9dtURxa5mLQDUNo+MWcs+Hho8N+yP9qg@mail.gmail.com> <2817813.dRqVH37e0G@localhost> <CALaySJJbPFBAV_7mZaARYWuMzuX+74r2Cm0jD+z92_iuFRn_MQ@mail.gmail.com> <25736.57534.195344.782189@fireball.acr.fi> <CAH48ZfyaXG8z155kjj0udTiCn8CtHnikfmL+nTXpeR=ZGpTqWA@mail.gmail.com>
In-Reply-To: <CAH48ZfyaXG8z155kjj0udTiCn8CtHnikfmL+nTXpeR=ZGpTqWA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Mailer: Turnpike Integrated Version 5.03 M <Hm9$+P8L77fLCOKLZeV+dOUngJ>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/wltpf90Zz3KB2k5XOf1QjWQ_gcU>
Subject: Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Jun 2023 22:13:12 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In message <CAH48ZfyaXG8z155kjj0udTiCn8CtHnikfmL+nTXpeR=ZGpTqWA@mail.gma
il.com>, Douglas Foster <dougfoster.emailstandards@gmail.com> writes

>    * The 5% with inconsistent results need further investigation.   
>      Perhaps a server farm has one server that is generating wrong 
>      signatures.

more likely the email has been "fixed up" by a transport layer after the
signature was calculated. Start by looking for patterns such as accented
characters in the Subject header field or the RFC5322 From header field
(where Unicode stand-alone accents have been amalgamated with the
character they affect as a single glyph) or for unusual sets of spaces
(where "invisible" Unicode values have been substituted)

better yet of course get hold of the original email before it was signed
and sent to you -- but spammers tend not to help you with that !

- -- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBZIo7EN2nQQHFxEViEQLmKwCZAW3bqT5sWhDx6qr+WZ38maKfOl4AoMLT
aM2bjkAMnzUEliPUKB1NW/ho
=w9W/
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email