Re: [ietf-smtp] Email explained from first principles

John R Levine <johnl@taugh.com> Tue, 25 May 2021 01:49 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: ietf-smtp@ietfa.amsl.com
Delivered-To: ietf-smtp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55EB73A03FE for <ietf-smtp@ietfa.amsl.com>; Mon, 24 May 2021 18:49:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=Bje8B0tW; dkim=pass (2048-bit key) header.d=taugh.com header.b=qOyHyTbq
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g1uGZvbyTpKP for <ietf-smtp@ietfa.amsl.com>; Mon, 24 May 2021 18:49:22 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 717DE3A03F4 for <ietf-smtp@ietf.org>; Mon, 24 May 2021 18:49:22 -0700 (PDT)
Received: (qmail 77815 invoked from network); 25 May 2021 01:49:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=12ff5.60ac57a1.k2105; bh=JBNQ8/CzAIF+JCbBqJ9qkspj5k0104ivFRBK2QiECoA=; b=Bje8B0tW8yfE1n7uOJOGvrH9qxbTcep2/LBQD3x+95FJZr41tXr1dZbUyNahCQvtKQ//scuElXN9vl9g+eVua1wdLRBEkhmzvqpV2oDqRs9iLIy0D721DfyZLVFhEHKUbYxr7q5ebcY9eizMiShfrD4DFo0/gbo6/csqmq6ErmdOr3i/z6M7KGA+/rTUGsdTD7KVvHGs74WuBuQjZdWlJjuEDICkLlyfmgjoUr0AqaF8VsRZ55+x15qqWNKlyTkm/aDnFfkM4nAsgfYpy8zwrbqOJtQCHA9lWnRMSSDHGTsDthiXShnTWbZ03ZhiBjRKwrSgSx2MJZ2x7QH8ISXZFQ==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=12ff5.60ac57a1.k2105; bh=JBNQ8/CzAIF+JCbBqJ9qkspj5k0104ivFRBK2QiECoA=; b=qOyHyTbqooOhmKcU6oGV4f/I8FKgPM032fc+t+rfCUQYuNYpTZLFgd3jfkpze+y/boibCgw/l9dihHvDpNY8SfKuYYirKdpOYg4hJm8/GJJFxgyr2vgZT+F83MAUGeNiXi7yORaw69CjoBIBcUaaVv1SYzphbWmKqnkvFDfT0V2LuC07vKgbM3xqkiZL0sytu3hscKf5I/22zD4CY6UNBaKHeZu0nyA0fdScucjlMrXQf8963x+Gf+6fgdgTiyGiNpAqrQj2gf99Vvq+ElQ2I7rW7pXRgrQs6xIsox1duGjDGeb67Dx1Zy/HwIDa8dsSOe+3+WHkQryyZFCa6L0h/g==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 25 May 2021 01:49:21 -0000
Received: by ary.qy (Postfix, from userid 501) id 75C928A7E28; Mon, 24 May 2021 21:49:19 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id C45CF8A7E0A; Mon, 24 May 2021 21:49:19 -0400 (EDT)
Date: 24 May 2021 21:49:19 -0400
Message-ID: <a3c18fc9-aef2-cbe3-995-1ece38557c7c@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Dave Crocker" <dcrocker@bbiw.net>, ietf-smtp@ietf.org
X-X-Sender: johnl@ary.qy
In-Reply-To: <7d7f2e66-a9da-4d34-b109-79a1b2996780@dcrocker.net>
References: <20210524140315.991E3890E35@ary.qy> <7d7f2e66-a9da-4d34-b109-79a1b2996780@dcrocker.net>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-smtp/f4cJ1FjlV4vASXvZszF_Px9kJtE>
Subject: Re: [ietf-smtp] Email explained from first principles
X-BeenThere: ietf-smtp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of issues related to Simple Mail Transfer Protocol \(SMTP\) \[RFC 821, RFC 2821, RFC 5321\]" <ietf-smtp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-smtp/>
List-Post: <mailto:ietf-smtp@ietf.org>
List-Help: <mailto:ietf-smtp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-smtp>, <mailto:ietf-smtp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 May 2021 01:49:29 -0000

On Mon, 24 May 2021, Dave Crocker wrote:
> That is, the main motivation for ARC is to provide a plausible basis for 
> paying attention to DMARC, even when its underlying authentication mechanism 
> are broken by the time they show up at the receiver.

Yes. that's a better way to put it.

I asked somone from a Large Mail Provider that since they know where the 
mailing lists are, why not just whitelist them.  The answer was that a lot 
of spam leaks through lists, since they typically just check that the 
From: address is a subscriber.  ARC lets them look back and see if the 
message was DMARC aligned when it arrived at the mailing list and do the 
filtering that the mailing list didn't.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly