IETF Logo Mail Archive

Re: [dmarc-ietf] Identification of an email author (was - Re: IETF Mailing Lists and DMARC)

Franck Martin <franck@peachymango.org> Mon, 07 November 2016 23:23 UTC

Return-Path: <franck@peachymango.org>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B2F9E129BCD; Mon, 7 Nov 2016 15:23:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=peachymango.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Dl1hHxmRwJeV; Mon, 7 Nov 2016 15:23:53 -0800 (PST)
Received: from zmcc-5-mx.zmailcloud.com (zmcc-5-mx.zmailcloud.com [192.198.93.228]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 935EA129BC8; Mon, 7 Nov 2016 15:23:36 -0800 (PST)
Received: from zmcc-5-mta-1.zmailcloud.com (127.37.197.104.bc.googleusercontent.com [104.197.37.127]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by zmcc-5-mx.zmailcloud.com (Postfix) with ESMTPS id B7353520212; Mon, 7 Nov 2016 18:23:35 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by zmcc-5-mta-1.zmailcloud.com (Postfix) with ESMTP id 624CFC2411; Mon, 7 Nov 2016 17:23:35 -0600 (CST)
Received: from zmcc-5-mta-1.zmailcloud.com ([127.0.0.1]) by localhost (zmcc-5-mta-1.zmailcloud.com [127.0.0.1]) (amavisd-new, port 10032) with ESMTP id HMxk3E-4XRtp; Mon, 7 Nov 2016 17:23:33 -0600 (CST)
Received: from localhost (localhost [127.0.0.1]) by zmcc-5-mta-1.zmailcloud.com (Postfix) with ESMTP id CE14EC248A; Mon, 7 Nov 2016 17:23:33 -0600 (CST)
DKIM-Filter: OpenDKIM Filter v2.9.2 zmcc-5-mta-1.zmailcloud.com CE14EC248A
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=peachymango.org; s=61F775A4-4A7F-11E4-A6BB-61E3068E35F6; t=1478561013; bh=Tg5YPQ/9TxDbgq83mDJz8P/5zNLBE1VlDtQ3cc82g9Q=; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type: Content-Transfer-Encoding; b=GGcNHVC8Z3UoFdT6XoCQnr4ORNqxx4OQKXFSqXvwRdQUhzRACDgmlNpjtxcNQ2SUE 2WURZ4U49juRo8D40vlAE9SKkoxD0wjzKxD3b61GxtmCMZdEZJVtHdT0g0kDAn4LtI r04tCyu542hBCXIpg9b2LhnAbx05pQIgCUO2AUGc=
X-Virus-Scanned: amavisd-new at zmcc-5-mta-1.zmailcloud.com
Received: from zmcc-5-mta-1.zmailcloud.com ([127.0.0.1]) by localhost (zmcc-5-mta-1.zmailcloud.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id WVWjMFi37n-z; Mon, 7 Nov 2016 17:23:33 -0600 (CST)
Received: from zmcc-5-mailbox-1.zmailcloud.com (zmcc-5-mailbox-1.zmailcloud.com [10.240.0.12]) by zmcc-5-mta-1.zmailcloud.com (Postfix) with ESMTP id A7443C23FD; Mon, 7 Nov 2016 17:23:33 -0600 (CST)
Date: Mon, 07 Nov 2016 17:23:33 -0600
From: Franck Martin <franck@peachymango.org>
To: dcrocker <dcrocker@bbiw.net>
Message-ID: <460339986.19029473.1478561013458.JavaMail.zimbra@peachymango.org>
In-Reply-To: <WM!fa1df0b3499ebffb6af13b0aa7daba982511fae9c686131a51b99f5e583e2527c453cc0c69724be95ce4afc16c11e342!@mailstronghold-3.zmailcloud.com>
References: <678C2FBA-A661-4556-A300-5C08562B5F8A@iii.ca> <CO2PR00MB0103566D260F9BFEC7166C9B96A20@CO2PR00MB0103.namprd00.prod.outlook.com> <5FA03832-D38F-47F2-B974-7C903C7513FD@fugue.com> <CO2PR00MB01034350A8C90A1E039336F796A20@CO2PR00MB0103.namprd00.prod.outlook.com> <WM!9664810c615567bf070fc649d954183e561aaa67977ebde37433238a98da7930f34ca08db8c430e48500f1e63f6d7622!@mailstronghold-1.zmailcloud.com> <713098835.18678872.1478547678821.JavaMail.zimbra@peachymango.org> <969d43d4-78c9-6e44-e186-ca6ed6fa3445@dcrocker.net> <WM!fa1df0b3499ebffb6af13b0aa7daba982511fae9c686131a51b99f5e583e2527c453cc0c69724be95ce4afc16c11e342!@mailstronghold-3.zmailcloud.com>
Subject: Re: [dmarc-ietf] Identification of an email author (was - Re: IETF Mailing Lists and DMARC)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Mailer: Zimbra 8.6.0_GA_1194 (ZimbraWebClient - FF49 (Mac)/8.6.0_GA_1194)
Thread-Topic: Identification of an email author (was - Re: IETF Mailing Lists and DMARC)
Thread-Index: 64e06B0gZM2UZeRnR9+xHVStAJg6OQ==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/f_5wqErbUF77pb2JCtP8t0infqQ>
Cc: dmarc@ietf.org, IETF <ietf@ietf.org>, Terry Zink <tzink@exchange.microsoft.com>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Nov 2016 23:23:55 -0000


----- Original Message -----
> From: "Dave Crocker" <dcrocker@gmail.com>
> To: "Franck Martin" <franck@peachymango.org>, "Terry Zink" <tzink@exchange.microsoft.com>
> Cc: dmarc@ietf.org, "Ted Lemon" <mellon@fugue.com>, "IETF" <ietf@ietf.org>
> Sent: Monday, November 7, 2016 2:46:54 PM
> Subject: Re: [dmarc-ietf] Identification of an email author (was - Re: IETF Mailing Lists and DMARC)

> On 11/7/2016 11:41 AM, Franck Martin wrote:
>> The EAI WG found it was fine to remove the obligation to have an email
>> address part in the mandatory RFC5322.From header, leaving only the
>> display part to assert the original author.
> 
> We had that relaxed permission for From:, in the original
> From/Sender/Reply-to specification of rfc733, with the requirement that
> there be a Sender: email address.  It looks like we removed it for rfc822.
> 
> And while I recall something of the EAI discussion, I'm not recalling
> this permission's being returned.  Nor am I finding it in rfc6854:
> 
>      https://tools.ietf.org/html/rfc6854#section-2
> 
> So, please point to the formal specification that permits a From: field
> to have no email address.
> 

I'm not great at ABNF, so please bear with me. 

My understanding is that RFC proposes the following change:

from =  "From:" mailbox-list CRLF

TO

from = "From:" (mailbox-list / address-list) CRLF


They are defined by:
mailbox-list    =   (mailbox *("," mailbox)) / obs-mbox-list
address-list    =   (address *("," address)) / obs-addr-list

furthermore: 

address         =   mailbox / group
mailbox         =   name-addr / addr-spec
name-addr       =   [display-name] angle-addr
angle-addr      =   [CFWS] "<" addr-spec ">" [CFWS] /
                       obs-angle-addr
group           =   display-name ":" [group-list] ";" [CFWS]
display-name    =   phrase
mailbox-list    =   (mailbox *("," mailbox)) / obs-mbox-list
address-list    =   (address *("," address)) / obs-addr-list
group-list      =   mailbox-list / CFWS / obs-group-list


So if you follow the fact that the new from can contain an address list, and that an address can be either a mailbox or a group and that a group can be 'undisclosed sender:;'

So you could find an email with the following header

From: undisclosed sender:;

and that would be ok as per rfc6854

Note the security consideration in same RFC that "discourages" the use of the group syntax, but as a receiver, I would claim, this increases the level of secret sauce to apply to evaluate an email...

v2.23.0 | Report a Bug | By Email