IETF Logo Mail Archive

Re: [ietf-822] WSJ/gmail/ML, was a permission to...

Dave Crocker <dhc@dcrocker.net> Sun, 04 May 2014 15:30 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf-822@ietfa.amsl.com
Delivered-To: ietf-822@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ACC091A0162 for <ietf-822@ietfa.amsl.com>; Sun, 4 May 2014 08:30:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r1UvrI3kX4Fj for <ietf-822@ietfa.amsl.com>; Sun, 4 May 2014 08:30:08 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 511CB1A00D8 for <ietf-822@ietf.org>; Sun, 4 May 2014 08:30:08 -0700 (PDT)
Received: from [192.168.1.66] (76-218-8-156.lightspeed.sntcca.sbcglobal.net [76.218.8.156]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id s44FTxmM024917 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 4 May 2014 08:30:03 -0700
Message-ID: <53665CED.30305@dcrocker.net>
Date: Sun, 04 May 2014 08:29:49 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Arnt Gulbrandsen <arnt@gulbrandsen.priv.no>, ietf-822@ietf.org
References: <20140418123721.3610.qmail@joyce.lan> <5365357D.2020101@tana.it> <alpine.BSF.2.00.1405031436390.69873@joyce.lan> <53660835.7060805@tana.it> <alpine.BSF.2.00.1405040902410.1013@joyce.lan> <5da0fca6-7eb3-4db6-8a71-16fce69e67e6@gulbrandsen.priv.no>
In-Reply-To: <5da0fca6-7eb3-4db6-8a71-16fce69e67e6@gulbrandsen.priv.no>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.66]); Sun, 04 May 2014 08:30:03 -0700 (PDT)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-822/F5naMyd5JINaWpoTrDhHwoWc-Xs
Subject: Re: [ietf-822] WSJ/gmail/ML, was a permission to...
X-BeenThere: ietf-822@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: "Discussion of issues related to Internet Message Format \[RFC 822, RFC 2822, RFC 5322\]" <ietf-822.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-822/>
List-Post: <mailto:ietf-822@ietf.org>
List-Help: <mailto:ietf-822-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 May 2014 15:30:09 -0000

On 5/4/2014 6:32 AM, Arnt Gulbrandsen wrote:
> I may be stupid here, but why does dmarc even apply to messages with a
> List-Id? Right now I can't think of any case where it makes sense to use
> both List-Id and DMARC.


It's an appealing thought, but it seems to be a security holoe:

A spammer wishing to use a domain name covered by dmarc would merely
need to include a List-ID header field, to disable dmarc processing by a
receiver...

d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net

v2.23.0 | Report a Bug | By Email