Re: Email and reputation (was Re: Service outages planned for April 25)

Keith Moore <moore@network-heretics.com> Thu, 28 April 2022 14:07 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/ehaoWlMAk6b__mnqwVkeUrZoc1A>

On 4/28/22 09:05, Vittorio Bertola wrote:

> I see this as one of the many manifestations of possibly the biggest 
> shortcoming in the original design of the Internet's architecture, 
> i.e. not having an "identity layer" taking care of user authentication 
> and information sharing in a uniform way below all application 
> protocols. Of course, this need only became fully apparent much later 
> than when the architecture was designed, so the architects are 
> entirely excused; also, this is not just a technical problem, and the 
> organizational architecture is not fully ready even now.

While I agree at least to the extent that using source IP address as a 
proxy for identity is horrible, it seems to me that the problem with an 
"identity layer" is that it almost presumes that there's some single 
notion of "identity" that should be shared across all Internet users, 
protocols, environments, usage situations, etc.

(And even if you somehow make the identity layer agnostic about such 
variables, in practice it's likely that the "market" would support only 
one or two kinds of identity and thereby make the Internet even more 
hostile to diverse applications than it already is.)

> Still, if I had a standard way to sign my email and privately, 
> securely disclose who I am to the recipient, we would not have had the 
> need to build alternative identity systems such as DKIM, based on 
> unacceptably vague proxies for the sender's identity (i.e. the domain 
> of their email provider). Identity is a precondition for any 
> reputation system - if you attribute reputation to the wrong identity 
> you are going to blame someone for someone else's actions, which is 
> exactly how antispam filters mostly work today.

Being able to privately, securely disclose who you are to the recipient 
wouldn't do a thing to help spam filters, since spam filters aren't the 
recipients of messages and a "secure" disclosure of who you are to the 
recipient wouldn't make that disclosure visible to anyone else.

And antispam filters don't even really work by assigning blame to the 
wrong party; that's giving them too much credit.  They just believe that 
they can DoS someone's email for entirely arbitrary reasons that they 
typically don't even bother to disclose.

Keith