Re: DMARC and yahoo

Dave Crocker <dcrocker@bbiw.net> Mon, 21 April 2014 19:15 UTC

Return-Path: <dcrocker@bbiw.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E57171A0250 for <ietf@ietfa.amsl.com>; Mon, 21 Apr 2014 12:15:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8mKQUxKEtBLM for <ietf@ietfa.amsl.com>; Mon, 21 Apr 2014 12:15:32 -0700 (PDT)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 15D2C1A0262 for <ietf@ietf.org>; Mon, 21 Apr 2014 12:15:26 -0700 (PDT)
Received: from [192.168.1.66] (76-218-8-156.lightspeed.sntcca.sbcglobal.net [76.218.8.156]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id s3LJFGoM016393 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 21 Apr 2014 12:15:19 -0700
Message-ID: <53556DC4.3050209@bbiw.net>
Date: Mon, 21 Apr 2014 12:13:08 -0700
From: Dave Crocker <dcrocker@bbiw.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: Doug Royer <douglasroyer@gmail.com>, ietf@ietf.org
Subject: Re: DMARC and yahoo
References: <CAKW6Ri6OUmxGaBOGR2hoWpDOGWsVQ9tQ2Q9ogkT5wzFhFJLBbQ@mail.gmail.com> <534D9C2C.8010606@gmail.com> <20140415214348.GL4456@thunk.org> <1397607352.389753533@f361.i.mail.ru> <534DCFFB.4080102@gmail.com> <20140416012205.GC12078@thunk.org> <24986.1397615002@sandelman.ca> <20140416023813.GA21807@thunk.org> <C8A2B0B4-5FA4-4BFE-AECE-C61667ECF2FB@secure-endpoints.com> <4948F093F369F051CAF0B810@[192.168.1.128]> <53542D90.8030709@gmail.com> <53555D90.7050709@gmail.com>
In-Reply-To: <53555D90.7050709@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.67]); Mon, 21 Apr 2014 12:15:19 -0700 (PDT)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/1igIfbX18LxmkC8Wd8Xgp9LAR0s
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Apr 2014 19:15:37 -0000

On 4/21/2014 11:04 AM, Doug Royer wrote:
>
> If yahoo sends out an email from list-name@yahoo, then that is where the
> email is from.

Unfortunately, email is more complicated than that.  There are multiple 
actors, taking multiple roles.  The most important one to represent 
properly in the message is the author, shown in the rfc5322.from header 
field.

At the top level, an author is communicating with recipients, and often 
they need to be able to reply to to that author, without copying the 
other recipients.  Mess with the original From field and the ability to 
reply is typically affected.

A mailing list is a mediator to this exchange, such that, yes, it takes 
formal delivery and formally posts a new message.  However the 
'original' author and the 'final' recipients still treat this as an 
exchange between them.  The recipients are aware of the role of the 
mailing list, but they do not consider the mail to be 'from' the mailing 
list.

The mailing list is an originator, in formal terms, which is typically 
represented by the rfc5322.sender field.

Changing the rfc5322.From field to be different than what the original 
author created alters communication among the the participants.


> So it would be correct to set the from/sender in the email to be

from/sender?  those are two different fields.


> list-name@yahoo.com.
> Why try to make it fake anything?
>
> If you want to preserve any digital signature in the original message,
> then send the original email as a mime body part in the forwarded message.

Encapsulating the original message into a subordinate message has some 
appeal.  It also well might have some additional attack vectors.  In any 
event, it's an end-to-end change, probably affecting every entity 
handling the message.

d/


-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net