Re: What I've been wondering about the DMARC problem

Theodore Ts'o <tytso@mit.edu> Thu, 17 April 2014 20:53 UTC

Return-Path: <tytso@thunk.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 66C3E1A0192 for <ietf@ietfa.amsl.com>; Thu, 17 Apr 2014 13:53:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.274
X-Spam-Level:
X-Spam-Status: No, score=-0.274 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RP_MATCHES_RCVD=-0.272, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iWUORYI1YUBS for <ietf@ietfa.amsl.com>; Thu, 17 Apr 2014 13:53:37 -0700 (PDT)
Received: from imap.thunk.org (imap.thunk.org [IPv6:2600:3c02::f03c:91ff:fe96:be03]) by ietfa.amsl.com (Postfix) with ESMTP id 673741A0109 for <ietf@ietf.org>; Thu, 17 Apr 2014 13:53:37 -0700 (PDT)
Received: from root (helo=closure.thunk.org) by imap.thunk.org with local-esmtp (Exim 4.80) (envelope-from <tytso@thunk.org>) id 1WatJM-0002wG-Rb; Thu, 17 Apr 2014 20:53:32 +0000
Received: by closure.thunk.org (Postfix, from userid 15806) id 39093580598; Thu, 17 Apr 2014 16:53:32 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=thunk.org; s=ef5046eb; t=1397768012; bh=NBhUUztUX8k895F9skyxuSEdN2+pmWZcXL44mLFA2IA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=AT0rv0Aucrkc1ny/VDppe/c6qsqznwzesp46H4I9iUkSjjZ60Du4h1imD12EsXZE7 H5/YEGxuIypGbdGokBnU6ltk4o7INholHM65faNk6Nh8lLpnTLqyfEKDErrDTSJLLt CHE+z/zMDpdglMOv7llqoeAuUVpYRbSTznylRNmI=
Date: Thu, 17 Apr 2014 16:53:32 -0400
From: Theodore Ts'o <tytso@mit.edu>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Subject: Re: What I've been wondering about the DMARC problem
Message-ID: <20140417205332.GB4979@thunk.org>
References: <CAKW6Ri5HWMaGMa_oLKwq5fzSUzJG=jAL1qojY1i6_tibEAxq8w@mail.gmail.com> <CAL0qLwaik1ft+AcACoc+kvKtCRt_gGvM6ov7c2yj_Uwyy3drNw@mail.gmail.com> <CAKW6Ri5_=GyOQijZMM+mqAoaEQzePGysBy9WVjN9yHO1zf3d2w@mail.gmail.com> <534C8F2B.9060903@gmail.com> <534D5516.7060902@dcrocker.net> <534D98CC.9080400@gmail.com> <2478F2D1-2E08-45D7-86A2-36443959E272@me.com> <534EE9EA.9060403@gmail.com> <09B6AA22-9D1D-4EE4-AB27-2506A1E08EDA@me.com> <5350344B.1000400@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5350344B.1000400@gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: tytso@thunk.org
X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/Ir_jHttOZYZs-n9kWlAogKPu6Cw
Cc: Jim Fenton <fenton@bluepopcorn.net>, IETF discussion list <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Apr 2014 20:53:42 -0000

On Fri, Apr 18, 2014 at 08:06:35AM +1200, Brian E Carpenter wrote:
> > 
> > The Reply-To: field is adjusted to be the author's address, 
> 
> Oh, OK. Most UAs will probably do what you describe, but I think
> there are exceptions. However, if I want to reply to the author
> alone, it's now the simple Reply that will fail me, because it
> will reply to the list. And in my mail folders, messages will
> all appear to come from the list; if I want to find the message
> that Sabahattin sent me two years ago, I can't, because my UA
> doesn't allow for searching on the Reply-To field.
> 
> It's still got very poor semantics.

It's all about semantics, isn't?

Suppose we made the mailing list software take the contents of the
>From field, and moved it to something like "X-Originally-From: ", and
changed the From field to be "ietf@ietf.org".org".  That would be what the
DMARC people would want, right?

Except then, a couple of years later, because users might actually
want to find the message that was written by "Brian Carpenter", or
"Sabahattin Gucukoglu", and not from "ietf@ietf.org".org", MUA's might
start using the Originally-From field in the summary field, and start
emphasizing the "Originally-From" from field in the UI.  At which
point, the spammer/scammer/whatever could start forging the the
"Originally-From" field, and then Lo!  There will be a DMARC II,
demanding that "Originally-From" field be aligned with the From field,
and we're right back to where we started.

It was the same argument about why a DKIM or DMARC couldn't just
verify the Sender field, and call it a day.  The problem is that the
>From field is what people pay attention to.

And this is true of whatever solution we want to better support
mailing lists.  Suppose the answer is to rewrite the from field to
something like this:


From: ietf-resend+brian.e.carpenter=gmail.com@ietf.org

Or this:

From: ietf@ietf.org (Originally from Brian E Carpenter: brian.e.carpenter@gmail.com)

It doesn't matter.  Eventually, the UA's will start emphasizing and
parsing out the original From field information, because that's what
people will want to be automatically added to their address book, and
not ietf@ietf.org, and that's what they will want to see in their
e-mail summary.  And then the DMARC folk will say, "Oh, Noes!
Spammers and scammers and bears, oh my!  They are using this loophole
to fool the naive user."  We must have DMARC II... and DMARC
III.... and DMARC IV.... and it will never end.

					- Ted