Re: (DMARC) We've been here before, was Why mailing lists

"John R Levine" <johnl@taugh.com> Thu, 17 April 2014 04:03 UTC

Date: Thu, 17 Apr 2014 00:03:00 -0400
Message-ID: <alpine.BSF.2.00.1404162346400.2194@joyce.lan>
From: John R Levine <johnl@taugh.com>
To: Pete Resnick <presnick@qti.qualcomm.com>
Subject: Re: (DMARC) We've been here before, was Why mailing lists
In-Reply-To: <534F1183.6060702@qti.qualcomm.com>
References: <CE39F90A45FF0C49A1EA229FC9899B0507D45766@USCLES544.agna.amgreetings.com> <20140414214949.32126.qmail@joyce.lan> <CE39F90A45FF0C49A1EA229FC9899B0507D460CB@USCLES544.agna.amgreetings.com> <alpine.BSF.2.00.1404142150430.32657@joyce.lan> <CAL0qLwbPMm_i0fqNSGQPv=xZaiNASy=icsRNudaNJ_3PNtX3Og@mail.gmail.com> <alpine.BSF.2.00.1404151832460.38826@joyce.lan> <CAL0qLwZUptJVw85T2FjB2HRGoOvcOUHKiQXeadM0QE9BsFVM9w@mail.gmail.com> <CAKHUCzxpwS+nR9wRGOzU_83f7XabMr0pwB5x-MHrqM-28r80kw@mail.gmail.com> <CAKHUCzzw9mufrTCOBQOkRrZU6wOM21X8Y=FUEKf=qnzS9VESjA@mail.gmail.com> <alpine.BSF.2.00.1404161654430.2065@joyce.lan> <534F1183.6060702@qti.qualcomm.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/C6iwUEt3ZSHJQ_q_d1Em5yJ8_I4
Cc: "ietf@ietf.org" <ietf@ietf.org>

> The originator (well, more to the point, the originator's mail server) 
> doesn't need a signal that it's a mailing list; it's simply that the 
> destination makes an "if I forward the mail, I'll be including this" piece of 
> data available, and the originator's server can then include that in the 
> signature of the message. I was thinking this could be in some special kind 
> of DMARC (or whatever) record that lived in the mailing list's domain and 
> could be queried by the originator's server.

We argued at great length about this issue when we were doing DKIM.  The 
magic token has to be cryptographically tied to the contents of the 
original message, or bad guys can take the token from a real message and 
replace the body with spam.  So that means a token tied to a hash of the 
contents of the message which is, of course, a DKIM signature.  This 
scheme is equivalent to requiring that lists preserve DKIM signatures, 
which they don't.

Every attempt to create a signing scheme that is flexible enough to deal 
with all the routine stuff that lists do (e.g., reorder, discard, or 
flatten MIME parts while adding the usual subject tags and body footers) 
while being robust enough to prevent bad guys from replacing the message 
with spam has completely failed.  We can try again, but I don't see any 
reason to think that the result would be any different.

Hence you can only accept mutated messages from sources you trust, i.e., a 
whitelist, and once you have a whitelist, you might as well just deliver 
the whitelisted mail.  Maybe I'm missing something here, but we've gone 
around this barn an awful lot of times over the past decade and always 
ended up in the same place.

R's,
John
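An added illustration of the binding argument in John's reply (my own example, not code from this thread or from any DKIM implementation): a token that covers the body hash, as DKIM's bh= and b= tags do, stops verifying once a list adds a subject tag and a footer, while a token tied only to sender and list verifies no matter what body is attached. HMAC with a constructed key stands in for the signer's RSA key, and all messages are constructed.

```python
import base64, hashlib, hmac

# Constructed demo key: HMAC stands in for the signer's RSA key (assumption,
# not real DKIM crypto); only the what-is-covered logic matters here.
SIGNER_KEY = b"constructed-demo-key"
SIGNED_HEADERS = ("from", "to", "subject")

def canon_body(body: str) -> bytes:
    # DKIM "simple" body canonicalization: drop trailing empty lines, end in one CRLF
    lines = body.replace("\r\n", "\n").split("\n")
    while lines and lines[-1] == "":
        lines.pop()
    return ("\r\n".join(lines) + "\r\n").encode()

def body_hash(body: str) -> str:
    # the bh= tag: a hash of the canonicalized body
    return base64.b64encode(hashlib.sha256(canon_body(body)).digest()).decode()

def _mac(data: str) -> str:
    return base64.b64encode(hmac.new(SIGNER_KEY, data.encode(), hashlib.sha256).digest()).decode()

def sign(headers: dict, body: str) -> dict:
    # bound token: covers the selected headers AND the body hash, like DKIM's b= value
    bh = body_hash(body)
    fields = "\r\n".join(f"{h}:{headers[h]}" for h in SIGNED_HEADERS)
    return {"bh": bh, "b": _mac(fields + "\r\nbh=" + bh)}

def verify(headers: dict, body: str, sig: dict) -> bool:
    if body_hash(body) != sig["bh"]:
        return False  # body is no longer what was signed
    return hmac.compare_digest(sign(headers, body)["b"], sig["b"])

def unbound_token(headers: dict) -> str:
    # the proposed "magic token": tied to sender and list only, not to the message
    return _mac(f"{headers['from']}->{headers['to']}")

def verify_unbound(headers: dict, body: str, token: str) -> bool:
    # the body is not consulted at all, which is exactly the problem
    return hmac.compare_digest(unbound_token(headers), token)

# Constructed sample: the original, the same message after list processing, and a swapped body
ORIG_HDRS = {"from": "alice@example.com", "to": "list@example.org", "subject": "Hello"}
ORIG_BODY = "Hi all,\nsee you at the meeting.\n"
LIST_HDRS = dict(ORIG_HDRS, subject="[list] Hello")               # subject tag added
LIST_BODY = ORIG_BODY + "--\nlist mailing list footer\n"          # footer appended
OTHER_BODY = "Completely different content.\n"

if __name__ == "__main__":
    sig, tok = sign(ORIG_HDRS, ORIG_BODY), unbound_token(ORIG_HDRS)
    print(verify(ORIG_HDRS, ORIG_BODY, sig), verify(LIST_HDRS, LIST_BODY, sig))  # True False
    print(verify_unbound(ORIG_HDRS, OTHER_BODY, tok))                             # True
```

The bound check is the only one that refuses the list-mutated copy, which is why a receiver that wants to accept such copies is left with trusting the list itself.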