Re: [IETF] DMARC methods in mailman
Viktor Dukhovni <ietf-dane@dukhovni.org> Sat, 31 December 2016 20:49 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6829612959D for <ietf@ietfa.amsl.com>; Sat, 31 Dec 2016 12:49:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dS94wnyD2OLg for <ietf@ietfa.amsl.com>; Sat, 31 Dec 2016 12:49:18 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E4CB1129483 for <ietf@ietf.org>; Sat, 31 Dec 2016 12:49:17 -0800 (PST)
Received: from [IPv6:2604:2000:1382:81a2:504f:d1f:232d:c233] (unknown [IPv6:2604:2000:1382:81a2:504f:d1f:232d:c233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mournblade.imrryr.org (Postfix) with ESMTPSA id 3CA08282D54 for <ietf@ietf.org>; Sat, 31 Dec 2016 20:49:16 +0000 (UTC) (envelope-from ietf-dane@dukhovni.org)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Subject: Re: [IETF] DMARC methods in mailman
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
In-Reply-To: <20161227170912.GQ13486@mournblade.imrryr.org>
Date: Sat, 31 Dec 2016 15:49:13 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <6DF613F9-C75E-479E-BB63-B83ED7923696@dukhovni.org>
References: <A2F8894E-C983-42F2-9EB9-3E7032615F86@dukhovni.org> <20161227145738.24244.qmail@ary.lan> <20161227170912.GQ13486@mournblade.imrryr.org>
To: IETF general list <ietf@ietf.org>
X-Mailer: Apple Mail (2.3259)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/LvzQmy1jRmYGePLaEzUv6WfP6SU>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: IETF general list <ietf@ietf.org>
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Dec 2016 20:49:19 -0000
[ On-list follow-up to off-list discussion with John R Levine ] > On Dec 27, 2016, at 12:09 PM, Viktor Dukhovni <ietf-dane@dukhovni.org> wrote: > > What I'm saying is that phishing protection is not the actual goal > when publishing or filtering on DMARC. The metric used is complaints > about spam, or messages blocked not reduction in monetary loss, > and this lines up with reducing support costs, ... > > So filtering on DMARC reduces complaints and support costs. Its > effect on phishing is a separate issue. > > Many of my inbound 419 scams are sent with Yahoo/Gmail/... "Reply-To" > addresses (the From address is in some random domain), and DMARC > does nothing to address the endemic infestation of Yahoo/Gmail/... > by 419 scammer maildrops. A perfect illustration of this, in the form of (two copies of) a vanilla 419 scam sent via Yahoo, claiming to be from Gmail, with a Gmail From/Reply-To landed in my mailbox today: Return-Path: <fdstrefd@gmail.com> Received: from nm26-vm3.bullet.mail.ir2.yahoo.com (nm26-vm3.bullet.mail.ir2.yahoo.com [212.82.97.45]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by mournblade.imrryr.org (Postfix) with ESMTPS id 294A3282D54 for <ietf-dane@dukhovni.org>; Sat, 31 Dec 2016 20:11:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1483215114; bh=c4EvhVuT7B7QSV9hGxgYY5JM/FjAch9pBRo19btgucE=; h=Date:From:Reply-To:Subject:References:From:Subject; b=WoiPMDpaa+cfZ9QhmywsDmt8fwb4nK6vFIm6dBY4CV5WaamvGPq+i5VX66OPKSkFHA8kNnzkHuhN4iSFT7gQRNk1/xX6xJ9iGw4GUOePrLSsAJC5uCS+aHEnrTTuLi2yF+S1YDefU286pBkw4yHoX9JN0gcvb5s7uD+JSwIYjlLYOGr+PpGrEAuXNVE2NGzIcb9UWTSJXZMwlBbWkY7nqz1ud1OFhAruu7M8J0b9Qy0JguRF+TXoVIlgwmhtLUkW7zVUjJH97A+pGPLZJTb3ZsP4i+JITXntKt5LTh3rmoA/imXEm5SGRgY26w8S33ogKRbxOGMF+bExVfFSGu6pZw== Received: from [212.82.98.55] by nm26.bullet.mail.ir2.yahoo.com with NNFMP; 31 Dec 2016 20:11:54 -0000 Received: from [212.82.98.94] by tm8.bullet.mail.ir2.yahoo.com with NNFMP; 31 Dec 2016 08:02:52 -0000 Received: from [127.0.0.1] by omp1031.mail.ir2.yahoo.com with NNFMP; 31 Dec 2016 07:55:04 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 927888.62800.bm@omp1031.mail.ir2.yahoo.com X-YMail-OSG: QcOFysMVM1m.D45t1au9SSm7UzQg.moWDy838PFy.crU_U2N2Ln5zfPjrV316am O5_zn_VmvWY0mvTu381bdjL6BcURqvRHcKaw3g25Wps4hfu5qEa_L9zn29KWuwNWSIyddDcm8mIy FyM7llRByUhCYWb7Usx1_GR.5JD3.phNO88gGojPDNcflzmS.nAErUq9Qkt1NWsV1LIOjMO3NJzL gmLNZCDp34o6QleUNJ9Ku3Ovu9OkUh0tT0mDgr4wlOnvV6YRHMjpSdIwIOWOOgRXvZyL9TjBwoZ0 VJe89OUB40o37la9j7NbS2vcdzyPnZHH.n5.ETUZCQjwd9G.CbFHugfmbCQUaSr1YY6EjRNWvnbb eUHSEkuPEuTsFM8taHzKIfTfmnPkjYRhzOa2Ch800ROLuT0KUj0jFrHTCA_KLwewubm4G2J01.7s RJJKbUMFLFg4xhPS5ZJJf8T7DexaxYYUHrvI2tC9KqRu9HVBPSI0GM2qnYXtySZ4.jFttaFem9WH eicjn4zzDzOULy3qatyVelmI- Received: from jws700080.mail.ir2.yahoo.com by sendmailws165.mail.ir2.yahoo.com; Sat, 31 Dec 2016 07:55:04 +0000; 1483170904.369 Date: Sat, 31 Dec 2016 07:55:04 +0000 (UTC) From: "Mr.Iheleme Oskama" <fdstrefd@gmail.com> Reply-To: "Mr.Iheleme Oskama" <mr.ihelemeoskama@gmail.com> Message-ID: <1310822406.6745256.1483170904116@mail.yahoo.com> Subject: Greetings My Dear Friend My MUA's (Mail.app) filters easily recognized it as Junk email, if only Yahoo's outbound email filters had been equally effective, but I don't believe that protecting email users against scams is the game being played. Yes, when Paypal publishes DMARC policy, the policy is both reasonable, and does have positive impact in reducing phishing of Paypal users. Paypal's DMARC policy also has no negative impact on mailing lists. When a large consumer email provider publishes p=reject, their motivation is likely less noble and negative impact on other legitimate uses of email is not negligible. -- Viktor.
- Re: [IETF] DMARC methods in mailman John Levine
- Re: DMARC methods in mailman Philip Homburg
- Re: DMARC methods in mailman John Levine
- Re: DMARC methods in mailman Theodore Ts'o
- Re: DMARC methods in mailman Randy Bush
- Re: DMARC methods in mailman Philip Homburg
- Re: DMARC methods in mailman John R Levine
- Re: DMARC methods in mailman S Moonesamy
- Re: DMARC methods in mailman Philip Homburg
- Re: DMARC methods in mailman Philip Homburg
- Re: DMARC methods in mailman Theodore Ts'o
- Re: DMARC methods in mailman S Moonesamy
- Re: DMARC methods in mailman Alexey Melnikov
- DMARC stats for IETF mailing lists (was DMARC met… Alexey Melnikov
- Re: DMARC methods in mailman S Moonesamy
- RE: DMARC methods in mailman Christian Huitema
- Re: DMARC methods in mailman John Levine
- Re: DMARC methods in mailman Randy Bush
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- Re: [IETF] DMARC methods in mailman Philip Homburg
- Re: [IETF] DMARC methods in mailman Yoav Nir
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- Re: [IETF] DMARC methods in mailman Ted Lemon
- Re: [IETF] DMARC methods in mailman tom p.
- Re: [IETF] DMARC methods in mailman Patrik Fältström
- Re: [IETF] DMARC methods in mailman Philip Homburg
- Re: [IETF] DMARC methods in mailman Theodore Ts'o
- Re: [IETF] DMARC methods in mailman John C Klensin
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- Re: [IETF] DMARC methods in mailman John Levine
- Re: [IETF] DMARC methods in mailman Theodore Ts'o
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- RE: [IETF] DMARC methods in mailman Christian Huitema
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- Re: [IETF] DMARC methods in mailman S Moonesamy
- Re: [IETF] DMARC methods in mailman Dave Crocker
- Re: [IETF] DMARC methods in mailman Theodore Ts'o
- Re: [IETF] DMARC methods in mailman John C Klensin
- Re: [IETF] DMARC methods in mailman Dave Crocker
- RE: [IETF] DMARC methods in mailman Christian Huitema
- Re: [IETF] DMARC methods in mailman Dave Crocker
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- Re: [IETF] DMARC methods in mailman Dave Crocker
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni
- Re: [IETF] DMARC methods in mailman Viktor Dukhovni