IETF Logo Mail Archive

Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields

Seth Blank <seth@valimail.com> Tue, 02 June 2020 22:53 UTC

Return-Path: <seth@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7474F3A10CF for <dmarc@ietfa.amsl.com>; Tue, 2 Jun 2020 15:53:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A4rmPg1yVHE3 for <dmarc@ietfa.amsl.com>; Tue, 2 Jun 2020 15:53:27 -0700 (PDT)
Received: from mail-wm1-x344.google.com (mail-wm1-x344.google.com [IPv6:2a00:1450:4864:20::344]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 327C03A10CE for <dmarc@ietf.org>; Tue, 2 Jun 2020 15:53:27 -0700 (PDT)
Received: by mail-wm1-x344.google.com with SMTP id r15so42144wmh.5 for <dmarc@ietf.org>; Tue, 02 Jun 2020 15:53:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=LY5Q8TheCUnH+yVaL4kRbnj31diX0up/nfp2NjN72iY=; b=EgzIAbhP8sgyVcGGyfZNT0MoVL/A6aJL4HDB59y0/dEUiTA8RgUxdzTL7MDiaaFT9Y D1bx5arxDqyFWdz3Y63o8CYoXOrql5cie8xCSmKbZHW724MkEnn8Ks+P6zdKJ+zdqivu uPVjnw3XRYB8x84eKfbN0KU4raPagGIP7hLY8aCO1idNdvBusY/wSVu7pLDaUoqmhFe9 oqsFvHudlT9NkBqhL+ub1SQ/7vhMhl6pkppem/FgSTJXcqTR6Xsz1evMiJufl2hCjZW+ qX7jarqD21Lcz7LWPKlgrTzZ3I5/hfuHkiks2r1WzVfE8AHJePPHbHQn42DSdwsMxQ/G oOsA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=LY5Q8TheCUnH+yVaL4kRbnj31diX0up/nfp2NjN72iY=; b=DGmAt1mtBzQ67tKTubR9w/+U+kSs3qGJks6iUM0dqWQwISW+ji3RQrJluyCA+mNfEW WbKzRHUYGAxJ3g4ZEENgVbQhb3LbjB6KwuLx2VAbPo51/l/jAO4XjlVRM+mc8hMFcgVQ XMUkB/OOK7ku6UTvIN5ELhWyANWW4kUAuxfiNUVO9n7HP/fRZMsB812cVXG7Vr5McGzK kVPDpHEfZwsf182dOzbT4GV6UEDW9mEOiJuuO5YdPbJXQlCPoLPTeKtTPg/1RW83pCuL PjQFR/v7at878Ei9FXNGGJQpeMQ8j2VHOwrOIsN5mNU3+C5NXta59gRAZFqYSgDmuj7s lroQ==
X-Gm-Message-State: AOAM531C1SqLpcMM08MIGjCNR/Xs7G7WmhjRet9liKehKbjCjj+Bb0XP SiKNBbsb6ktg8DC08rWWpvltYaXKPQP7sqpq7ZLK7w==
X-Google-Smtp-Source: ABdhPJxqudT29WrGOrxkxt//fqkRu1H3YiDavBUgalrUOWv2P4CXlyzNCNLiWyr+75bNMAZG+6bZL71MbIMWnHmZ1tI=
X-Received: by 2002:a7b:c8d6:: with SMTP id f22mr6019707wml.188.1591138405459; Tue, 02 Jun 2020 15:53:25 -0700 (PDT)
MIME-Version: 1.0
References: <DM5PR0601MB367115AD49513EAF3953716CF68B0@DM5PR0601MB3671.namprd06.prod.outlook.com> <18441e8d-cf87-053e-4957-7b9d6ea9690c@gmail.com> <CABa8R6s7Lh_nihfH4Y8=JFCDFL6T_iEd+dBf7C=iW+5S3K4i3A@mail.gmail.com> <1093905c-7556-ab65-ae9f-6c97d1707878@gmail.com> <CAL0qLwYm=QnSLQ_n_+xq_vvEh47TJT+HXZKem5uKhtfRotKAbQ@mail.gmail.com> <c03d4ea4-20e1-12a6-9581-f51a81330ca5@gmail.com> <CAOZAAfO42WrYi6drByD=fdoU=1su-WO6nGH0OoEN1Txw2ONNvA@mail.gmail.com> <CAJ4XoYcyr-3Sdk+96AxJuKAjH124ziTLZV=1K__5ZF-ME3=G5Q@mail.gmail.com>
In-Reply-To: <CAJ4XoYcyr-3Sdk+96AxJuKAjH124ziTLZV=1K__5ZF-ME3=G5Q@mail.gmail.com>
From: Seth Blank <seth@valimail.com>
Date: Tue, 02 Jun 2020 15:53:14 -0700
Message-ID: <CAOZAAfMxVt8JsmXJcui-ejjvsjz3zdTegphA9jUJKQaVxEum-A@mail.gmail.com>
To: Dotzero <dotzero@gmail.com>
Cc: Dave Crocker <dcrocker@gmail.com>, "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000072432905a721c71b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/xXNetTP0Pm0fFFIpfCfGCcA1RbM>
Subject: Re: [dmarc-ietf] DMARC alignment conflicts with RFC 5322 on the use of the From and Sender header fields
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Jun 2020 22:53:29 -0000

On Tue, Jun 2, 2020 at 3:42 PM Dotzero <dotzero@gmail.com> wrote:

> Actually Seth, you are flat out wrong. I was there and part of it. It was
> not about signaling. It was implemented at the MTA  level and was about
> preventing the "badness" from reaching the end user rather than signaling
> to the end user.
>

Michael, there's a crossed wire here-- I didn't mean to communicate that
DMARC is in any way about signaling. I'm in complete agreement here. The
point I was trying to make is that consumers are susceptible to fraud, and
the system needs to stop these messages before they ever get in front of a
user. The signal I was talking about is from the data: when something tries
to authenticate to an MTA but then tell the user it's someone else. That's
what alignment fixes and what's so powerful about DMARC.


> Google experimented with displaying "keys" and Microsoft experimented with
> displaying "shields". Neither of those efforts were integral to the DMARC
> effort. My own experience is that a significant percentage of end users
> will click on just about anything. This was validated in the 2007 timeframe
> during some phishing runs where the bad guys actually left some tracking
> code on a fake WWW landing page the email links led to. It was also
> validated during the Storm Worm when the links used IP Addresses. This
> issue has been validated at other points and times. Individual sending
> organizations and receiving domains have been generally reluctant to
> release data because it might expose company confidential information.
> Aggregated isn't so useful because there are significant variations in
> company efforts - not just with DMARC - that impact outcomes. So far,
> signaling to the end user doesn't have a particularly good track record.
>
> DMARC started as a private effort among a handful of private parties. when
> it was successful in stopping direct domain abuse for a handful of sending
> domains at a handful of receivers we started discussing whether the
> approach could be codified as a standard to enable others to benefit from
> the approach. The origins and history are important in understanding why
> DMARC is what it is.
>

I'm in complete agreement with this, and didn't mean to convey otherwise.


>
> Michael Hammer
>
>>

v2.23.0 | Report a Bug | By Email