Re: Do we actually want to do anything about DMARC?

Alessandro Vesely <vesely@tana.it> Mon, 15 August 2016 09:31 UTC

Return-Path: <vesely@tana.it>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 731BE12B02B for <ietf@ietfa.amsl.com>; Mon, 15 Aug 2016 02:31:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.549
X-Spam-Level:
X-Spam-Status: No, score=-5.549 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.247, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S2DQTqhIvW8D for <ietf@ietfa.amsl.com>; Mon, 15 Aug 2016 02:31:28 -0700 (PDT)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 508DA12D563 for <ietf@ietf.org>; Mon, 15 Aug 2016 02:31:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=beta; t=1471253485; bh=e9XiB2Dumjywbsxj55siiv2yIWuGz32mQxu5UdcrObk=; l=588; h=To:References:From:Date:In-Reply-To; b=kr7bMXdEunTmsBnbJfDIJtKV4BZIkvnh/h43hCmHeXoa8o+2dzlMM0NdUM9PIt0FL /zOQ3wEC9b4PmY9ZRj5vq0GFSpFY2YBCu4xX5/dv6NjMOSFreKZIqVCLfj42iGpUvU ld5K8vmS55hOUPnZGRzlkaAnnHikD3j2dUYa0OMg=
Authentication-Results: tana.it; auth=pass (details omitted)
Received: from [192.168.1.100] ([5.170.192.230]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLSv1/SSLv3, 128bits, ECDHE-RSA-AES128-GCM-SHA256) by wmail.tana.it with ESMTPSA; Mon, 15 Aug 2016 11:31:25 +0200 id 00000000005DC042.0000000057B18BED.0000174E
Subject: Re: Do we actually want to do anything about DMARC?
To: ietf@ietf.org
References: <20160815012208.8845.qmail@ary.lan>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <eb972040-caf2-7acf-85b8-a40fa8cdcd60@tana.it>
Date: Mon, 15 Aug 2016 11:31:16 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <20160815012208.8845.qmail@ary.lan>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/bLwJ_ZoCwcr9wh6wXNZJxXp2FYo>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Aug 2016 09:31:30 -0000

On Mon 15/Aug/2016 03:22:08 +0200 John Levine wrote:
> 
> My form is marissa@yahoo.com.dmarc.fail, but if wildcard MX records
> are scary, it could be marissa-yahoo.com@fwd.ietf.org.  Having done
> this before, I know it's not terribly hard, and I'd be happy to help
> make it work.

Marissa@yahoo.com.MANUALLY.REMOVE.THE.TRAILING.PARTS would involve even
less work and worries.  IMHO, it is not so much its forcing recipients
to refurbish their wit in order to discern phishes, as its rendering the
From: field meaningless, which troubles this workaround's viability.

Ale
--