Re: dmarc damage, was gmail users read on... [bozo subtopic]

Doug Barton <dougb@dougbarton.us> Fri, 12 September 2014 18:20 UTC

Message-ID: <5413398E.5030905@dougbarton.us>
Date: Fri, 12 Sep 2014 11:21:02 -0700
From: Doug Barton <dougb@dougbarton.us>
To: dcrocker@bbiw.net, "ietf@ietf.org" <ietf@ietf.org>
Subject: Re: dmarc damage, was gmail users read on... [bozo subtopic]
References: <20140911202058.3327.qmail@joyce.lan> <541208F6.1010302@dougbarton.us> <bb48b8f170074ddeb25cbb213f613892@DM2PR0301MB0655.namprd03.prod.outlook.com> <CE39F90A45FF0C49A1EA229FC9899B0525E804C0@USCLES544.agna.amgreetings.com> <54132CE8.7000702@dcrocker.net>
In-Reply-To: <54132CE8.7000702@dcrocker.net>
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/Yj4hgSJGXQw2OtN6gniV8RaWFa8

On 9/12/14 10:27 AM, Dave Crocker wrote:
> What tends to be missed, throughout all of the discussions about dealing
> with the effect on intermediaries such as mailing lists, is that most or
> all of the mechanisms being discussed for intermediaries will work
> equally well for bad actors...

Dave,

First, I don't think that point has been missed, as it's been repeated 
so often. :)  Second, if you change the From: to be @<mailing list 
domain> the message is still protected if the mailing list domain uses 
SPF, DKIM, or better yet, both; AND the receiving system verifies them.

Or, put differently, faking Bad.Actor@<valid domain> is one of the 
scenarios that SPF/DKIM/DMARC are specifically designed to address. It's 
not clear how creating a solution which will allow mailing list traffic 
to flow will weaken that.

Doug
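
The alignment check behind this exchange, as an added example that is not part of the original message: a receiver-side DMARC evaluation over three constructed messages (list keeps the author's From:, list rewrites From: to its own domain, a third party forges the list domain). All domain names are constructed, and the two-label organizational-domain rule is a simplifying assumption; real evaluators use the Public Suffix List.

```python
from dataclasses import dataclass
from typing import List, Tuple

def org_domain(domain: str) -> str:
    # Simplification (assumption): last two labels. Real DMARC evaluators
    # derive the organizational domain from the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: str, from_domain: str, strict: bool = False) -> bool:
    if strict:
        return auth_domain.lower() == from_domain.lower()
    return org_domain(auth_domain) == org_domain(from_domain)

@dataclass
class Received:
    from_domain: str               # domain in the RFC5322 From: header
    mailfrom_domain: str           # envelope sender domain checked by SPF
    spf_pass: bool
    dkim: List[Tuple[str, bool]]   # (d= domain, signature verified?)

def dmarc_pass(m: Received, strict: bool = False) -> bool:
    # DMARC passes if SPF or DKIM passes for a domain aligned with From:
    spf_ok = m.spf_pass and aligned(m.mailfrom_domain, m.from_domain, strict)
    dkim_ok = any(ok and aligned(d, m.from_domain, strict) for d, ok in m.dkim)
    return spf_ok or dkim_ok

# Constructed sample messages as seen by a subscriber's receiving system.
LIST_AUTH = dict(mailfrom_domain="lists.example.org", spf_pass=True,
                 dkim=[("author.example", False),      # broken by list footer
                       ("lists.example.org", True)])   # list's own signature
SCENARIOS = {
    "list keeps author's From:": Received("author.example", **LIST_AUTH),
    "list rewrites From: to its domain": Received("lists.example.org", **LIST_AUTH),
    "third party forges list domain": Received(
        "lists.example.org", mailfrom_domain="other.example", spf_pass=True,
        dkim=[("other.example", True)]),
}

def evaluate() -> dict:
    return {name: dmarc_pass(msg) for name, msg in SCENARIOS.items()}

if __name__ == "__main__":
    for name, ok in evaluate().items():
        print(f"{name:36} DMARC {'pass' if ok else 'fail'}")
```
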