Re: dmarc damage, was gmail users read on... [bozo subtopic]

Hector Santos <hsantos@isdg.net> Sun, 14 September 2014 15:07 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 52C471A0418 for <ietf@ietfa.amsl.com>; Sun, 14 Sep 2014 08:07:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.002
X-Spam-Level:
X-Spam-Status: No, score=-102.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rf35D9w0HVIQ for <ietf@ietfa.amsl.com>; Sun, 14 Sep 2014 08:07:45 -0700 (PDT)
Received: from news.winserver.com (secure.winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 26B101A0417 for <ietf@ietf.org>; Sun, 14 Sep 2014 08:07:45 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=2134; t=1410707263; h=Received:Received: Message-Id:From:Subject:Date:To:Organization:List-ID; bh=MtQ6f1b +Zd7i92kmcJ5k7S1YE+0=; b=YfWehynaPkiyS+hbn/xDJWS8ml6jTbeTFxafnaU lX9Rics+PQ9T7q71POQ09lLkenzEFd6yJJFnwEjVN4cEuvlDZwCdd6YVgPTaMMby 0vvn8EL0c8l3qcZK8VZGswQGGrm42SxaniVBHyBm53dZlg4vns9HAm6r+6lof2Kd RCpU=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Sun, 14 Sep 2014 11:07:43 -0400
Received: from [192.168.1.67] (99-121-4-27.lightspeed.miamfl.sbcglobal.net [99.121.4.27]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 1597356079.1.2164; Sun, 14 Sep 2014 11:07:42 -0400
References: <20140911202058.3327.qmail@joyce.lan> <541208F6.1010302@dougbarton.us> <bb48b8f170074ddeb25cbb213f613892@DM2PR0301MB0655.namprd03.prod.outlook.com> <CE39F90A45FF0C49A1EA229FC9899B0525E804C0@USCLES544.agna.amgreetings.com> <54132CE8.7000702@dcrocker.net> <5413398E.5030905@dougbarton.us>
Mime-Version: 1.0 (1.0)
In-Reply-To: <5413398E.5030905@dougbarton.us>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <87F192FC-5A0D-46DD-85D6-4BA4AC9D10E1@isdg.net>
X-Mailer: iPad Mail (11D257)
From: Hector Santos <hsantos@isdg.net>
Subject: Re: dmarc damage, was gmail users read on... [bozo subtopic]
Date: Sun, 14 Sep 2014 11:07:39 -0400
To: Doug Barton <dougb@dougbarton.us>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/BHmdgy4ne42yaNRgTmjIcJuu7eY
Cc: "dcrocker@bbiw.net" <dcrocker@bbiw.net>, "ietf@ietf.org" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 14 Sep 2014 15:07:48 -0000

> On Sep 12, 2014, at 2:21 PM, Doug Barton <dougb@dougbarton.us> wrote:
> 
>> On 9/12/14 10:27 AM, Dave Crocker wrote:
>> What tends to be missed, throughout all of the discussions about dealing
>> with the effect on intermediaries such as mailing lists, is that most or
>> all of the mechanisms being discussed for intermediaries will work
>> equally well for bad actors...
> 
> Dave,
> 
> First, I don't think that point has been missed, as it's been repeated so often. :)  

+1 since SSP, since ADSP, since the threat analysis RFC, since the functional requirements RFC.


> Second, if you change the From: to be @<mailing list domain> the message is still protected if the mailing list domain uses SPF, DKIM, or better yet, both; AND the receiving system verifies them.

Exactly. The problem has been the push by the list folks to avoid this effort. The push by the key cogs was to look up the 3rd-party trusted signer, if any and valid, and ignore anything else otherwise, hence all sorts of loopholes.


> Or, put differently, faking Bad.Actor@<valid domain> is one of the scenarios that SPF/DKIM/DMARC are specifically designed to address.

Yet, the IETF effort to make DKIM a STD, yet a push for methods that break it. I don't get the lack of, or poor, integration effort.

> It's not clear how creating a solution which will allow mailing list traffic to flow will weaken that.

Integrated systems have a better scope and feel. All the parts have to be part of the picture. So yes, it is a complex and expensive endeavor. It took a long time to finally get all the mail parts lined up. But we had nine years to get ready for this framework. We are talking mostly about policy-driven mail expectations for the good, the bad and the ugly. And we have not yet come to terms with the fact that policy lookups are required by all entry points. The list people have pushed aside the need to do author domain policy lookups, and they don't need to do it as long as the list mail system frontend is doing it.

--
Hector Santos
http://www.santronics.com
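The From: rewriting Doug describes, run through DMARC's identifier alignment check (RFC 7489 section 3.1) for a list-relayed message before and after the rewrite. This is an added example, not code from the thread or from any of the participants; the domains lists.example and author.example are constructed, and the organizational-domain helper is a two-label simplification standing in for a Public Suffix List lookup.

```python
# Added example (not from the thread): DMARC identifier alignment, RFC 7489
# section 3.1, applied to the list-relay scenario discussed above.
from dataclasses import dataclass
from typing import Optional, Tuple


def org_domain(domain: str) -> str:
    # Simplification: DMARC proper uses the Public Suffix List here; taking the
    # last two labels is enough for the constructed domains below.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    # Strict ('s') needs an exact match; relaxed ('r') matches organizational domains.
    if mode == "s":
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)


@dataclass
class AuthResults:
    from_domain: str                      # RFC5322.From domain DMARC is evaluated on
    spf_pass_domain: Optional[str]        # RFC5321.MailFrom domain if SPF passed
    dkim_pass_domains: Tuple[str, ...]    # d= of every DKIM signature that verified


def dmarc_pass(r: AuthResults, adkim: str = "r", aspf: str = "r") -> dict:
    # DMARC passes when SPF or DKIM passes AND that identifier aligns with From:.
    spf_ok = r.spf_pass_domain is not None and aligned(r.spf_pass_domain, r.from_domain, aspf)
    dkim_ok = any(aligned(d, r.from_domain, adkim) for d in r.dkim_pass_domains)
    return {"spf_aligned": spf_ok, "dkim_aligned": dkim_ok, "dmarc": spf_ok or dkim_ok}


# Constructed sample: lists.example relays a post from author.example, adds a
# footer (breaking the author's DKIM signature) and uses its own bounce address.
RELAYED_UNCHANGED = AuthResults("author.example", "lists.example", ("lists.example",))

# Same relay after the list rewrites From: to itself, as proposed in the thread:
# the identifiers that still verify now align with From:, so the list's own
# policy and reputation, not the author's, are what the receiver evaluates.
RELAYED_REWRITTEN = AuthResults("lists.example", "lists.example", ("lists.example",))

if __name__ == "__main__":
    print(dmarc_pass(RELAYED_UNCHANGED))  # all False: the author's p= policy hits the list copy
    print(dmarc_pass(RELAYED_REWRITTEN))  # all True
```

Feeding the receiver's actual SPF and DKIM results into `AuthResults` shows which identifier a given list configuration leaves aligned, and therefore whose DMARC policy the receiver will apply.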