Re: [ietf-smtp] Email explained from first principles

Alessandro Vesely <vesely@tana.it> Fri, 28 May 2021 09:33 UTC

Return-Path: <vesely@tana.it>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84B3A3A2216 for <ietf-smtp@ietfa.amsl.com>; Fri, 28 May 2021 02:33:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xFpv0meora9k for <ietf-smtp@ietfa.amsl.com>; Fri, 28 May 2021 02:33:43 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 57A4C3A220F for <ietf-smtp@ietf.org>; Fri, 28 May 2021 02:33:42 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1622194417; bh=mBBA+bcH7a1Nb03wKhBZETy3KPEn6RyDl/SFlSchq+s=; l=939; h=To:References:From:Date:In-Reply-To; b=DO1F+9e0FRridbrwWDHacFp4GfRWDLLmDbIHdveEYp0T7kZek6F1V1MDXFByyNX6U uzYvlhs6NrKHFvlVfBMdVMkEHlgrfUcL/iZrWz4Z1rieEDxfC6a+0bwHH24VVhuTOU QyUHa7cTOJE1ITForAzUNLysInrKLkC4M+ei8mBJap3KaCtpBPBml0vJyHudX
Authentication-Results: tana.it; auth=pass (details omitted)
Original-From: Alessandro Vesely <vesely@tana.it>
Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC03D.0000000060B0B8F1.00006E99; Fri, 28 May 2021 11:33:37 +0200
To: ietf-smtp@ietf.org
References: <20210524140315.991E3890E35@ary.qy> <6E17FD4E-C3D7-4703-8E5C-B0364D011418@ef1p.com>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <d2e70837-14db-c9e9-9d7d-93e8498fbb45@tana.it>
Date: Fri, 28 May 2021 11:33:37 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.0
MIME-Version: 1.0
In-Reply-To: <6E17FD4E-C3D7-4703-8E5C-B0364D011418@ef1p.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/LZjEjfyS6j8MDb51QB3AQAPdkpc>
Subject: Re: [ietf-smtp] Email explained from first principles

On Thu 27/May/2021 17:55:09 +0200 Kaspar Etter wrote:
> Making it easier for mailing lists to keep DKIM signatures intact wouldn’t 
> force anything upon anyone. If mailing lists prefer to rewrite the sender 
> address, they’re free to do so.


Mailing lists often do keep DKIM signatures intact.  They only alter the rest 
of the message, but the transformations they do are stylized enough to allow 
reverting them and verifying the original signatures.  That requires just some 
cooperation, because DKIM is so flexible.  Both the mailing list and its 
posters can operate so as to make reversion possible or not.

For example, Kaspar's message that I'm replying to could not be reverted 
because the original signature by ef1p.com signed MIME-Version: and 
Content-Type:.  Mailing lists need to control the values of those fields.  To 
allow this kind of interoperability, an author's domain shouldn't sign them.


Best
Ale
--
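
As an added illustration (not part of the original message), here is a check an author's domain could run on its own DKIM-Signature header to see whether it signs the fields the message says mailing lists need to control. `LIST_CONTROLLED` holds only the two fields named in the message; the first sample is abridged from the DKIM-Signature header shown above, and the second signature and `author.example` are constructed.

```python
import re

# Header fields the message above says a mailing list needs to control.
# Only these two are named there; extending the set is an assumption left to the reader.
LIST_CONTROLLED = {"mime-version", "content-type"}


def parse_dkim_tags(value):
    """Parse a DKIM-Signature header value into a {tag: value} dict (RFC 6376 tag-list)."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", value)  # undo header folding
    tags = {}
    for part in unfolded.split(";"):
        if "=" not in part:
            continue
        # Split on the first "=" only: base64 values (bh=, b=) may end in "=" padding.
        name, _, val = part.partition("=")
        tags[name.strip()] = val.strip()
    return tags


def signed_fields(value):
    """Return the lower-cased header field names listed in the h= tag, in order."""
    h = parse_dkim_tags(value).get("h", "")
    return [f.strip().lower() for f in h.split(":") if f.strip()]


def reversion_blockers(value):
    """Signed fields that a list would rewrite, so the author signature cannot be re-verified."""
    return sorted(set(signed_fields(value)) & LIST_CONTROLLED)


# Abridged from the DKIM-Signature header of the message above (t=, bh=, l=, b= left out).
TANA_SIG = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta;\r\n"
            "\th=To:References:From:Date:In-Reply-To")

# Constructed signature that also covers the two list-controlled fields, for contrast.
CONSTRUCTED_SIG = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=author.example; s=sel;\r\n"
                   " h=From:To:Subject:Date:MIME-Version:Content-Type")

if __name__ == "__main__":
    for label, sig in (("tana.it", TANA_SIG), ("constructed", CONSTRUCTED_SIG)):
        blockers = reversion_blockers(sig)
        print(label, "->", blockers or "no list-controlled fields signed")
```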