Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles

Nathaniel Borenstein <nsb@guppylake.com> Wed, 26 May 2021 20:37 UTC

Return-Path: <nsbnsb@gmail.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CDBF83A1629 for <ietf-smtp@ietfa.amsl.com>; Wed, 26 May 2021 13:37:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.248, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=guppylake-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 48j2gwNPLkWq for <ietf-smtp@ietfa.amsl.com>; Wed, 26 May 2021 13:37:08 -0700 (PDT)
Received: from mail-io1-xd29.google.com (mail-io1-xd29.google.com [IPv6:2607:f8b0:4864:20::d29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 230CB3A1625 for <ietf-smtp@ietf.org>; Wed, 26 May 2021 13:37:08 -0700 (PDT)
Received: by mail-io1-xd29.google.com with SMTP id k16so2436271ios.10 for <ietf-smtp@ietf.org>; Wed, 26 May 2021 13:37:07 -0700 (PDT)
X-Received: by 2002:a05:6638:1482:: with SMTP id j2mr15272jak.63.1622061426543; Wed, 26 May 2021 13:37:06 -0700 (PDT)
MIME-Version: 1.0
References: <cone.1621939932.396187.66265.1004@monster.email-scan.com> <cone.1621995114.332887.83228.1004@monster.email-scan.com> <c751cdbd-6d9b-cbf3-bf08-966bed58a078@dcrocker.net> <cone.1622043658.138861.94832.1004@monster.email-scan.com> <s8lsl2$2nn4$1@gal.iecc.com> <cone.1622060881.249946.94832.1004@monster.email-scan.com>
In-Reply-To: <cone.1622060881.249946.94832.1004@monster.email-scan.com>
Reply-To: nsb@guppylake.com
From: Nathaniel Borenstein <nsb@guppylake.com>
Date: Wed, 26 May 2021 16:36:50 -0400
Message-ID: <CAP-k+nkao_4wB2sZwxX747h=dEF3KKswoMznR1UOaO0eg35D1g@mail.gmail.com>
To: Sam Varshavchik <mrsam@courier-mta.com>
Cc: ietf-smtp@ietf.org
Content-Type: multipart/alternative; boundary="000000000000220fc405c3419b69"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/MV7DAcvxxey6r-orV4XFuoanUa4>
Subject: Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 May 2021 20:37:13 -0000

> But I believe I made my point clear: that (the same) people can end up using
> the DKIM in exactly the opposite manner, for the simple reason that they see
> DKIM used more by unwanted mail, than not,

It seems to me you can make the same claim for almost any feature of email
(or anything else) that is used by both the good and bad guys.  "Most of
the mail we receive that uses multipart/related comes from good/bad guys,
so I will/won't block it."  The fact that others are doing things stupidly
isn't a good reason for the rest of us not to do them intelligently.  If it
were, it would be time to give up on email altogether.

On Wed, May 26, 2021 at 4:28 PM Sam Varshavchik <mrsam@courier-mta.com> wrote:

> John Levine writes:
>
> > According to Sam Varshavchik  <mrsam@courier-mta.com>:
> > >I understand, very well, what the intent of DKIM is.
> > >
> > >However, it is what it is. If I observe what the practical reality of the
> > >past or current usage of DKIM is, then this speaks for itself.
> >
> > I honestly do not understand what your point is.  It sounds like you're saying
> > that since it is not a magic FUSSP, it must be useless, but that would be dumb
> > so I doubt that's it.
> >
> > For example, do you believe that people whitelist mail using DKIM
> > signatures from signers with good reputations?  Because we do.
>
> I'm sure that's the case.
>
> But I believe I made my point clear: that (the same) people can end up using
> the DKIM in exactly the opposite manner, for the simple reason that they see
> DKIM used more by unwanted mail, than not, and I explained why that turned
> out to be: a much higher adoption rate of DKIM by mail outsourcing providers
> than by other users. And when you are seeing most of your bad mail come from
> third party mail providers, then the combination of the two factors turns
> DKIM into a spam indication.
>
> Again, I am not passing judgement or arguing DKIM's lofty goals. I
> understand what they are, what DKIM is, and its purported use cases. It's
> really no different than judging the presence of
>
> X-PHP-Originating-Script: 33:SimpleMailInvoker.php
>
> or
>
> X-Mailer: PHPMailer
>
> as also a high spam indication. I am struggling to find any message in my
> archive with those two headers that's not spam. Does this simple observation
> pass any judgement on those two fine products' stated use cases? No, it does
> not. But, again, in the real world things don't always work according to
> plan. And, all I'm saying, is that some may find DKIM-Signature: to be
> awfully similar to those two.
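
Added example, not part of the original message or any poster's code: the two uses of DKIM debated in this thread, computed side by side over a constructed corpus. It compares the spam rate keyed on "has any verified signature" with the spam rate keyed on the verified signing domain (`header.d=` in an `Authentication-Results` header like the one on this message). The domains, counts and function names are assumptions made for illustration.

```python
import re
from collections import defaultdict
from email import message_from_string

def _msg(auth_results=None):
    """Build a constructed message, optionally carrying an A-R header."""
    hdr = f"Authentication-Results: mx.example.net; {auth_results}\n" if auth_results else ""
    return hdr + "From: a@example.org\nSubject: test\n\nbody\n"

# Constructed sample corpus of (raw message, is_spam); all domains are placeholders.
CORPUS = (
    [(_msg("dkim=pass header.d=bulk-esp.example"), True)] * 6
    + [(_msg("dkim=pass header.d=bulk-esp.example"), False)] * 1
    + [(_msg("dkim=pass header.d=partner.example"), False)] * 3
    + [(_msg("dkim=fail header.d=partner.example"), True)] * 1
    + [(_msg(), False)] * 4
    + [(_msg(), True)] * 1
)

AR_DKIM = re.compile(r"dkim=(\w+)[^;]*?header\.d=([\w.-]+)", re.I)

def verified_signers(raw):
    """Return the d= domains marked dkim=pass in Authentication-Results.

    Assumes the header was added by the receiver's own verifier; a real
    filter must discard A-R headers carrying a foreign authserv-id.
    """
    msg = message_from_string(raw)
    out = set()
    for ar in msg.get_all("Authentication-Results", []):
        for result, domain in AR_DKIM.findall(ar):
            if result.lower() == "pass":
                out.add(domain.lower())
    return out

def spam_rates(corpus):
    """Spam rate keyed on signature presence, and keyed on each signer."""
    by_presence = defaultdict(lambda: [0, 0])  # key -> [spam, total]
    by_signer = defaultdict(lambda: [0, 0])
    for raw, is_spam in corpus:
        signers = verified_signers(raw)
        for bucket, key in [(by_presence, bool(signers))] + [(by_signer, d) for d in signers]:
            bucket[key][0] += is_spam
            bucket[key][1] += 1
    rate = lambda d: {k: round(s / n, 2) for k, (s, n) in d.items()}
    return rate(by_presence), rate(by_signer)
```

On this corpus the presence feature scores signed mail as spammier than unsigned mail, while the per-signer view shows that figure comes entirely from one bulk sender and that the other signer has a clean record.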