IETF Logo Mail Archive

Re: [ietf-dkim] [dmarc-ietf] draft-kucherawy-dmarc-rcpts

Brandon Long <blong@google.com> Wed, 23 November 2016 04:31 UTC

Return-Path: <ietf-dkim-bounces@mipassoc.org>
X-Original-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Delivered-To: ietfarch-ietf-dkim-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC7D312950B for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Tue, 22 Nov 2016 20:31:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.789
X-Spam-Level:
X-Spam-Status: No, score=-1.789 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, DKIM_SIGNED=0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (body has been altered)" header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wzPIyVN7kCFB for <ietfarch-ietf-dkim-archive@ietfa.amsl.com>; Tue, 22 Nov 2016 20:31:30 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 912451294EB for <ietf-dkim-archive@ietf.org>; Tue, 22 Nov 2016 20:31:30 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [127.0.0.1]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id uAN4VNNS010465; Tue, 22 Nov 2016 20:31:24 -0800
Authentication-Results: simon.songbird.com; dkim=fail reason="verification failed; unprotected key" header.d=google.com header.i=@google.com header.b=PqZOf/vZ; dkim-adsp=none (unprotected policy); dkim-atps=neutral
Received: from mail-oi0-f51.google.com (mail-oi0-f51.google.com [209.85.218.51]) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id uAN4VJR8010459 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT) for <ietf-dkim@mipassoc.org>; Tue, 22 Nov 2016 20:31:21 -0800
Received: by mail-oi0-f51.google.com with SMTP id b126so2185472oia.2 for <ietf-dkim@mipassoc.org>; Tue, 22 Nov 2016 20:30:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=f6JY4EuDU47jDybuqLy0Ke9ThS2NHDQ8S8K7Qwq0doI=; b=PqZOf/vZCnKy3wibjz3TnfO63bCs2MESixMh/cj4T5lgTesMzgSTXNRjylbqtHmaWL /0VM+Um03XOhWr1ifKKuNX1OY2h/8VAIOp2B5ib6XlthQrWVY494f6q1dBDwkiqfs8LI PVLz04Mr2mBidVmkyg1fo7cdrYDNj+R2p6gnu0YmdEYRb14ccV8HLqFEKdHcuLvBg4vg c+Wx6j0CcavImHZBRzAqmDR0XFanq1WOS2+EJYTeZ5HFVZGzGgWKCln7M8qrCyFdnVv1 dJR4egjSh0ioUfvEhBLjnWZI6IfdqSPC/QNtsnE7qdxYet/cl94TY/rg+43LG2FiPixG xo3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=f6JY4EuDU47jDybuqLy0Ke9ThS2NHDQ8S8K7Qwq0doI=; b=UZF+sRwkUih8g1MdjBcDcwwYBJjC4zgHyKpcFLKnnBV0Gf0WeXBkrqSdmMhIo83Rpx PLfInxT+FGUJwAyUTGyKbbpeVPMZIJkDPmqYBMC5NSZSG351SCFJH57GnzLFdnHa+M9i YRDhOs4CGZTbiUGS7F882VzZEpxYrA9z78sPs3dpfpm5Ira/iC9WCJKVqCNdj+az6Qul yO2/K5aN2/noY1bOhel+q7vDZxSnyMJmstegvgby3V7e7DDoNLrGU1I9Y2pVqBG5bi+M BIGhJvhnYcf98R+pL9uFYiWUARzF1u4xMIS3oMqLtvl+DkEhZNxkTye5+tsOaekbbidd hnUQ==
X-Gm-Message-State: AKaTC00u7zhOGWFxC4bgS8/ACnQR+JlKhU7H363aqzjm29RDNO8V2Vs2igkYpsYazAPP+upCU7KMSqhKYA1/jFUI
X-Received: by 10.157.4.170 with SMTP id 39mr696269otm.111.1479875415006; Tue, 22 Nov 2016 20:30:15 -0800 (PST)
MIME-Version: 1.0
Received: by 10.157.42.43 with HTTP; Tue, 22 Nov 2016 20:30:13 -0800 (PST)
In-Reply-To: <20161122160508.84025.qmail@ary.lan>
References: <CABa8R6sLKCgCXF7=cC1ScQA6YeXT0YMk6OSiPAiye8drZghKhg@mail.gmail.com> <20161122160508.84025.qmail@ary.lan>
From: Brandon Long <blong@google.com>
Date: Tue, 22 Nov 2016 20:30:13 -0800
Message-ID: <CABa8R6u58Rzh1Pivk1JD6zWZ_pZiHwBj7eiWL-iG15PuVXvKgg@mail.gmail.com>
To: John Levine <johnl@taugh.com>
Cc: ietf-dkim <ietf-dkim@mipassoc.org>
Subject: Re: [ietf-dkim] [dmarc-ietf] draft-kucherawy-dmarc-rcpts
X-BeenThere: ietf-dkim@mipassoc.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: IETF DKIM Discussion List <ietf-dkim.mipassoc.org>
List-Unsubscribe: <http://mipassoc.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=unsubscribe>
List-Archive: <http://mipassoc.org/pipermail/ietf-dkim/>
List-Post: <mailto:ietf-dkim@mipassoc.org>
List-Help: <mailto:ietf-dkim-request@mipassoc.org?subject=help>
List-Subscribe: <http://mipassoc.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@mipassoc.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============3087746893399062419=="
Errors-To: ietf-dkim-bounces@mipassoc.org
Sender: ietf-dkim <ietf-dkim-bounces@mipassoc.org>

On Tue, Nov 22, 2016 at 8:05 AM, John Levine <johnl@taugh.com> wrote:
>
>
> >And, if you think about it, spam is in the eyes of the recipient.  If you
> >take this message I'm composing right now and send a couple billions
> copies
> >to the top 10 mailbox providers, how many spam markings will it get?  With
> >some of the spammers we deal with, all they're looking for is clicks on
> the
> >links in the email, there is nothing particularly commercial about the
> >content itself.
>
> Now I'm really confused about what problem we're trying to solve here.
> You are of course right that there are messages that become spam if
> they're remailed a zillion times, but there are also messages that
> don't.  If I send a message to, say, nanog, it goes to a lot of
> people, the DKIM signatures usually survive, and it's not spam.
>
> If the bulk remail is spam, that will presumably affect the reputation
> of the places from which it is remailed.  That's not enough?
>

In a reputation based system, you take reputation on various features of
the message, and whether or not a message is spam depends on all of those
features, and then feeds back into each of those features.

So, the IPs for the botnet the message is spammed from will certainly take
a hit, or may already be bad.  The reputation of the dkim auth domain is
likely also to suffer, though.

In an IPv6 world, domain auth may play a higher role than IP for
reputation, given the high number of IP addresses.

Of course, the obvious mitigation there is to be more careful of dinging
dkim auth when spf auth doesn't pass or match.

Brandon

_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html

v2.23.0 | Report a Bug | By Email