Re: [dmarc-ietf] Suggestion: can we test DEMARC deployment with a mailing list?

Douglas Otis <doug.mtview@gmail.com> Tue, 06 May 2014 18:39 UTC

Return-Path: <doug.mtview@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E68D11A02F1 for <ietf@ietfa.amsl.com>; Tue, 6 May 2014 11:39:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bqraJKPYrkuP for <ietf@ietfa.amsl.com>; Tue, 6 May 2014 11:39:10 -0700 (PDT)
Received: from mail-qc0-x230.google.com (mail-qc0-x230.google.com [IPv6:2607:f8b0:400d:c01::230]) by ietfa.amsl.com (Postfix) with ESMTP id 5B2721A02AC for <ietf@ietf.org>; Tue, 6 May 2014 11:39:10 -0700 (PDT)
Received: by mail-qc0-f176.google.com with SMTP id r5so3152632qcx.21 for <ietf@ietf.org>; Tue, 06 May 2014 11:39:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=wpc+1jd8CsSnccZ0Z+PBvi88b3H+XgSlNbn8n1uMyVE=; b=OrPGv9YQxF+NVVafktRSmtiahB9U5tTVY/mrqlm8nq8ZGKeeGjpe1OkGy0/2isMJkQ A9FvdEEK41nwU5nDynVdT1KxGZPjSdeHfv7SbDeMktdWVaCCdsB4NZwYtFB3D+KR6a/z Sb7tbGF5i+6tye/VvI8GzztL6B/awv7HJZBPxkxUrm1ULEsSMfkG+W7pQVRtCLETJlXN ICR8MkKagjU02ziIWDpGS9vXGscxZ5NAXP2SYPjSuNq/aKImE8WTHMOQqiyfXFOyJXAB tLqCPhkYFQBEad99NDk/kyoCmF9YZd+e0nNaIYim5zraFkLM3TzpiFNQ+6Lff86Il1Yc R1gg==
X-Received: by 10.140.84.168 with SMTP id l37mr16106018qgd.104.1399401546283; Tue, 06 May 2014 11:39:06 -0700 (PDT)
Received: from [192.168.0.54] (107-0-5-6-ip-static.hfc.comcastbusiness.net. [107.0.5.6]) by mx.google.com with ESMTPSA id r4sm24943408qat.16.2014.05.06.11.39.04 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 06 May 2014 11:39:05 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
Subject: Re: [dmarc-ietf] Suggestion: can we test DEMARC deployment with a mailing list?
From: Douglas Otis <doug.mtview@gmail.com>
In-Reply-To: <536915E0.8080602@isdg.net>
Date: Tue, 06 May 2014 11:39:04 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <519E53D6-F5EE-4E8E-897F-EE2AF90D2B4F@gmail.com>
References: <28671EE8-A8B9-40D1-9268-527A8FFC34AD@cisco.com> <53682B10.2070000@meetinghouse.net> <1BB8A9AB-C7C1-4959-B8C2-C649AB4EA19D@cisco.com> <53682C4B.80301@meetinghouse.net> <C92FEFD4-06B7-48CD-A1F3-CF6F3DB259DE@cisco.com> <536915E0.8080602@isdg.net>
To: Hector Santos <hsantos@isdg.net>
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/RBNVa-qrR4kB2kCmZG2lQ6Joee0
Cc: IETF <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 May 2014 18:39:12 -0000

On May 6, 2014, at 10:03 AM, Hector Santos <hsantos@isdg.net> wrote:

> On 5/5/2014 8:37 PM, Fred Baker (fred) wrote:
>> 
>> I guess we're running it. I was hoping to avoid the "everything around broke" part.
>> 
>> ...
>> 
>> And what comes quickly to mind is the comment, earlier in this thread, that "we have been running it for nine years."
>> 
>> Running it, perhaps, but not learning from it. Kind of "Really Not The Point".
> 
> At the end of the day, this is all about the IETF desiring a "Freedom to DKIM Sign/Resign Mail" at any middleware, host, router, hop, forwarder, mailer, list service, etc., node along the transport path in the mail network without author domain restrictions.
> 
> Either you believe in an author domain DKIM regulated mail system or not.  The resigners do not believe no one uses "strict" policies anyway, and if Mom&Pop biz does, WHO CARES!!  The IETF has certainly shown it doesn't.
> 
> That pretty much sums it up.

Hector,

Perhaps a different perspective could be useful.  Rigidly constraining From header fields or Return Paths disrupts legitimate communication since this does not identify actual email sources.  Source assessment is a far more effective mitigation control over content filtering as demonstrated by evolving RTF, Flash, Java, and Office vulnerabilities.  SMTP lacks a federation feature found in XMPP.  Not having a means to federate control makes it difficult to exclude a malicious source.

TPA approximates a federation scheme, whether from authentication invoked by a From header field policy request or any other domain authentication method used.  TPA allows a sender (as an anchor) a means to authorize domains employed by their users within a single DNS transaction.  This allows a means to establish an email-chain-of-trust making use of various authentication methods.  DMARC attempts to improve reliability by combining either aligned DKIM signed content or SPF authorization.  TPA attempts to overcome impediments these methods impose in describing the actual system federation.

In developing regions, the percentage of compromised systems is high.  A federated system should greatly assist in identifying where malicious content is being introduced and reduce the level of false detections, notifications, and blocking actions.

Regards,
Douglas Otis
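The DMARC evaluation the message refers to (pass only when a verified DKIM d= domain or a passing SPF MAIL FROM domain aligns with the From header domain) is shown below as an added example; it is not code from the thread or from any DMARC implementation. It assumes a simplified organizational-domain rule (last two labels, where real evaluators consult the Public Suffix List) and uses constructed authentication results for the direct and mailing-list delivery cases the thread is arguing about.

```python
from dataclasses import dataclass
from typing import List, Optional


def org_domain(domain: str) -> str:
    """Approximate the organizational domain as the last two labels.
    Assumption for this example: a real evaluator uses the Public
    Suffix List so that names like example.co.uk are handled."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """DMARC identifier alignment: 's' (strict) requires an exact
    match, 'r' (relaxed) only the same organizational domain."""
    f = from_domain.lower().rstrip(".")
    a = auth_domain.lower().rstrip(".")
    return f == a if mode == "s" else org_domain(f) == org_domain(a)


@dataclass
class AuthResults:
    dkim_pass_domains: List[str]      # d= of every signature that verified
    spf_pass_domain: Optional[str]    # MAIL FROM domain if SPF passed


def dmarc_pass(from_domain, results, adkim="r", aspf="r"):
    """DMARC passes if any authenticated identifier aligns with the
    RFC5322.From domain. Returns (passed, reason)."""
    for d in results.dkim_pass_domains:
        if aligned(from_domain, d, adkim):
            return True, f"dkim aligned via d={d}"
    spf = results.spf_pass_domain
    if spf and aligned(from_domain, spf, aspf):
        return True, f"spf aligned via {spf}"
    return False, "no aligned authenticated identifier"


# Constructed scenarios. Direct: author signature verifies and aligns.
DIRECT = AuthResults(["gmail.com"], "gmail.com")
# Via a list that alters the body (author signature fails), re-signs
# with its own d= and sends from its own envelope: nothing aligns.
LISTED = AuthResults(["ietf.org"], "ietf.org")
# Signed by a subdomain of the From domain: depends on adkim mode.
SUBDOM = AuthResults(["mail.example.com"], None)


def demo():
    return {
        "direct": dmarc_pass("gmail.com", DIRECT)[0],
        "via_list": dmarc_pass("gmail.com", LISTED)[0],
        "subdomain_relaxed": dmarc_pass("example.com", SUBDOM, adkim="r")[0],
        "subdomain_strict": dmarc_pass("example.com", SUBDOM, adkim="s")[0],
    }
```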