Re: dmarc damage, was gmail users read on... [bozo subtopic]

Dave Crocker <dhc@dcrocker.net> Fri, 12 September 2014 17:30 UTC

Message-ID: <54132CE8.7000702@dcrocker.net>
Date: Fri, 12 Sep 2014 10:27:04 -0700
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
To: "MH Michael Hammer (5304)" <MHammer@ag.com>, "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: dmarc damage, was gmail users read on... [bozo subtopic]
References: <20140911202058.3327.qmail@joyce.lan> <541208F6.1010302@dougbarton.us> <bb48b8f170074ddeb25cbb213f613892@DM2PR0301MB0655.namprd03.prod.outlook.com> <CE39F90A45FF0C49A1EA229FC9899B0525E804C0@USCLES544.agna.amgreetings.com>
In-Reply-To: <CE39F90A45FF0C49A1EA229FC9899B0525E804C0@USCLES544.agna.amgreetings.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/31C9-yqF80Hff0Hk9DS2VzOJgRc
Cc: Christian Huitema <huitema@microsoft.com>

On 9/12/2014 8:35 AM, MH Michael Hammer (5304) wrote:
>> From: ietf [mailto:ietf-bounces@ietf.org] On Behalf Of Christian Huitema
...
>> The big change with DMARC is a deprecation of the Sender/From
>> differentiation, effectively requiring that these two will be the same. It
>> seems that big systems have voted that the differentiation causes more
>> harm (spam, phish) than good (remailers).
> 
> This is actually not quite true. If the Sender and the From are in the same domain then there is no problem. It becomes an issue when the Sender and the From are different domains. DMARC does not care about the LHS of the email address (whether it is DKIM signing or SPF validation).


In semantic terms, Christian's analysis is exactly correct.

The fact that there might be some scenarios where things are not
operationally problematic is a distraction, rather than meaningful to
the analysis.

By definition, p=reject enforces a semantic that requires the owner of
the rfc5322.From domain to have a relatively tight relationship with the
operator sending the message.

IMO, it's quite reasonable to characterize this as conflating From: and
Sender:.


What tends to be missed, throughout all of the discussions about dealing
with the effect on intermediaries such as mailing lists, is that most or
all of the mechanisms being discussed for intermediaries will work
equally well for bad actors...



d/

-- 
Dave Crocker
Brandenburg InternetWorking
bbiw.net
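
Added illustration, not part of the message or the thread: a simplified Python sketch of the DMARC identifier-alignment check the exchange above is about, showing that only the rfc5322.From domain is compared with the SPF- and DKIM-authenticated domains, and that Sender: and the local part are never consulted. The suffix set, the message dictionaries, the example.com/example.org names and all function names are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed stand-in for the Public Suffix List (assumption; a real
# evaluator loads the full list).
PUBLIC_SUFFIXES = {"com", "org", "net", "co.uk"}

def domain_of(header_value):
    """Domain of an address header; the local part (LHS) is discarded."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()

def org_domain(domain):
    """Organizational domain: longest matching public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return domain

def aligned(from_domain, auth_domain, strict=False):
    """Strict mode needs an exact match; relaxed compares organizational domains."""
    if strict:
        return from_domain == auth_domain
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_disposition(msg, policy="reject", strict=False):
    """Return 'pass' if SPF or DKIM passed with a domain aligned to From:,
    otherwise the From: domain's published policy. Sender: is never read."""
    from_dom = domain_of(msg["From"])
    spf_ok = bool(msg.get("spf_pass")) and aligned(
        from_dom, msg["mailfrom_domain"], strict)
    dkim_ok = any(aligned(from_dom, d, strict)
                  for d in msg.get("dkim_pass_domains", []))
    return "pass" if (spf_ok or dkim_ok) else policy

# Constructed sample: author's own operator sends the message directly.
DIRECT = {"From": "Alice <alice@example.com>",
          "Sender": "bob@mail.example.com",
          "spf_pass": True, "mailfrom_domain": "bounce.example.com",
          "dkim_pass_domains": ["example.com"]}

# Constructed sample: a mailing list re-sends it. The list's own SPF and DKIM
# pass, but the author's DKIM signature no longer verifies after modification.
VIA_LIST = {"From": "Alice <alice@example.com>",
            "Sender": "list-bounces@lists.example.org",
            "spf_pass": True, "mailfrom_domain": "lists.example.org",
            "dkim_pass_domains": ["lists.example.org"]}

if __name__ == "__main__":
    print(dmarc_disposition(DIRECT), dmarc_disposition(VIA_LIST))
```
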