IETF Logo Mail Archive

Re: [ietf-822] WSJ/gmail/ML, was a permission to... (off-topic)

S Moonesamy <sm+ietf@elandsys.com> Mon, 05 May 2014 20:59 UTC

Return-Path: <sm@elandsys.com>
X-Original-To: ietf-822@ietfa.amsl.com
Delivered-To: ietf-822@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A0681A0659 for <ietf-822@ietfa.amsl.com>; Mon, 5 May 2014 13:59:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.841
X-Spam-Level:
X-Spam-Status: No, score=-3.841 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, GB_I_INVITATION=-2, J_CHICKENPOX_44=0.6, RP_MATCHES_RCVD=-0.651, T_DKIM_INVALID=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jNEyXV06kFNO for <ietf-822@ietfa.amsl.com>; Mon, 5 May 2014 13:59:13 -0700 (PDT)
Received: from mx.ipv6.elandsys.com (mx.ipv6.elandsys.com [IPv6:2001:470:f329:1::1]) by ietfa.amsl.com (Postfix) with ESMTP id B3EFD1A0654 for <ietf-822@ietf.org>; Mon, 5 May 2014 13:59:13 -0700 (PDT)
Received: from SUBMAN.elandsys.com ([197.224.134.8]) (authenticated bits=0) by mx.elandsys.com (8.14.5/8.14.5) with ESMTP id s45Kwv6B021940 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 5 May 2014 13:59:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=opendkim.org; s=mail2010; t=1399323549; bh=B1VSc+5fclEsELwVHPPgYzdlWFEO/7KqcBjTfJeQ6ac=; h=Date:To:From:Subject:In-Reply-To:References; b=28YUDX/QCVt5GEAdkMvJffMJi6bYq/iuiwp81MMqQCL8IhcfRlZl0K/2K5pU2b0+Z vs53vmAos6dTJYmtLhMGkr3HdAyK571+NLXezLXsewXBnq6LYHD8goZg7U+io+U/8G baL2gIden6KJs/U7R8gTG41IgsFPQOlCcP1UQPTk=
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=elandsys.com; s=mail; t=1399323549; i=@elandsys.com; bh=B1VSc+5fclEsELwVHPPgYzdlWFEO/7KqcBjTfJeQ6ac=; h=Date:To:From:Subject:In-Reply-To:References; b=w8poQUFSXimxyc8hiLGuZ1TqCE5uXO7JVA23hpxfydnEVQI4czmM7Goc6p8std8XT RkrlffCmgcTqXGYoVLEaMWCI0CcOwaxEwyOoWsjmp0hpTFvHNG/44yEKcEaUF4tziZ fJ1pSE3A9KOdrOToMQ8zYjnvyOwQXWItWLmNgZoY=
Message-Id: <6.2.5.6.2.20140505124909.0cbcd6a8@resistor.net>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.5.6
Date: Mon, 05 May 2014 13:47:32 -0700
To: Miles Fidelman <mfidelman@meetinghouse.net>, ietf-822@ietf.org
From: S Moonesamy <sm+ietf@elandsys.com>
In-Reply-To: <5367DB93.3050509@meetinghouse.net>
References: <20140418123721.3610.qmail@joyce.lan> <5365357D.2020101@tana.it> <53653C7A.3090304@pscs.co.uk> <53655C13.9070201@isdg.net> <5365F4F8.6020605@pscs.co.uk> <536629D7.7040809@meetinghouse.net> <6.2.5.6.2.20140505075814.0c9b0a68@resistor.net> <5367DB93.3050509@meetinghouse.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-822/a4aYI1Gf6GdaiL_nvOm12UYsWQw
Subject: Re: [ietf-822] WSJ/gmail/ML, was a permission to... (off-topic)
X-BeenThere: ietf-822@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion of issues related to Internet Message Format \[RFC 822, RFC 2822, RFC 5322\]" <ietf-822.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-822/>
List-Post: <mailto:ietf-822@ietf.org>
List-Help: <mailto:ietf-822-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-822>, <mailto:ietf-822-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2014 20:59:15 -0000

Hi Miles,
At 11:42 05-05-2014, Miles Fidelman wrote:
>Well, I was using physical mail handling as an analogy, but... 
>Outlook supports delegated access rights for sending on behalf of, 
>as well as scheduling meetings on behalf of another mail user. Would 
>a recommend Outlook - that's a separate question :-)

Asking you to recommend Outlook is not something I would do. :-)

I have not tested Outlook.  Please do correct me if what I wrote is 
incorrect.  That MUA uses "Delegate Name on behalf of Manager Name" 
in the "From: header.  That's not what is in RFC 5322.

Here are some headers from a message:

   Return-Path: <[removed]@bounce.linkedin.com>
   Received: from maile-ed.linkedin.com (maile-ed.linkedin.com 
[199.101.162.60])
         by [removed] (8.14.5/8.14.5) with ESMTP id s457gjVQ013948
         (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
         for <[removed]>; Mon, 5 May 2014 00:42:51 -0700 (PDT)
   Authentication-Results: [removed]; dkim=pass
         reason="1024-bit key; unprotected key"
         header.d=linkedin.com header.i=@linkedin.com header.b=UyTsPaJu
   DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linkedin.com;
         s=proddkim1024; t=1399275758;
         bh=m3RA41aYlIhAwutaZd8/5p6sXXx1rnDoi4kKdNf6PvU=;
         h=Date:From:To:Subject:MIME-Version:Content-Type:
         X-LinkedIn-Template:X-LinkedIn-Class:X-LinkedIn-fbl;
         b=UyTsPaJuxbvrbLbrhwPq0TwJFtNZIs1J1SEUUqKTK/uU0KIO14h/kyqTeDv1UTWeV
         7b3rh0lOA2HxK68t2PHlOzEo4N7qGPZMiNv0oDMu6hqI84wgZSuyDSSFeXa4c5+MV8
         QXitJEceBdbA94UaFZ/brLnGVq1VV8W6qi84XgwU=
   Date: Mon, 5 May 2014 07:42:38 +0000 (UTC)
   From: [removed] <[removed]>
   To:  <[removed]>
   Message-ID: <64971956.6815671.1399275758987.JavaMail.app@ela4-app2321.prod>
   Subject: Invitation to connect on LinkedIn
   MIME-Version: 1.0
   Content-Type: multipart/alternative;
         boundary="----=_Part_6815668_1839834165.1399275758986"

The email address in the "From:" header did not contain 
"linkedin.com" as the domain.  According to 
https://help.linkedin.com/app/safety/answers/detail/a_id/37021

   "Phishing is a common tactic that cyber criminals use to try and steal your
    information and your money."

How do I determine whether that message was not from someone trying 
to steal information?   How would linkedin.com send an invitation if 
the domain required permission to appear in the "From:" 
header?  There isn't a "Sender:" header in the above headers.

Regards,
S. Moonesamy

v2.23.0 | Report a Bug | By Email