Re: [IETF] DMARC methods in mailman
Dave Crocker <dhc@dcrocker.net> Tue, 27 December 2016 18:47 UTC
Return-Path: <dhc@dcrocker.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD23A129696 for <ietf@ietfa.amsl.com>; Tue, 27 Dec 2016 10:47:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.792
X-Spam-Level:
X-Spam-Status: No, score=-1.792 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=dcrocker.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bICoAbX8dep2 for <ietf@ietfa.amsl.com>; Tue, 27 Dec 2016 10:47:14 -0800 (PST)
Received: from simon.songbird.com (simon.songbird.com [72.52.113.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03F7D1296B4 for <ietf@ietf.org>; Tue, 27 Dec 2016 10:47:14 -0800 (PST)
Received: from [192.168.1.168] (76-218-8-128.lightspeed.sntcca.sbcglobal.net [76.218.8.128]) (authenticated bits=0) by simon.songbird.com (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id uBRImOmB000917 (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 27 Dec 2016 10:48:25 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dcrocker.net; s=default; t=1482864505; bh=x5bthXfcCQbyKwDAZjir9WBuaaRpxytGQfshdTGYZCY=; h=Subject:To:References:Cc:Reply-To:From:Date:In-Reply-To:From; b=oH6Ue0/HBrmCMC8TL76+TwIhbt0+JatdxruOKJS5WBH05h4d+suVSiJ9L1otRkRCY iVa0Hk0TcS4kZmuHbVfRT4tI5zRvitQ/sxxJAXZc+BFSca257QjNuNDibqqKdCvQfH P2krSFDQLQLFmotYXYVABjaLiQlOWz+dIRomipUE=
Subject: Re: [IETF] DMARC methods in mailman
To: Christian Huitema <huitema@huitema.net>, 'John Levine' <johnl@taugh.com>, ietf@ietf.org
References: <20161226205249.rneaenhh5c2dcpz4@thunk.org> <20161227013401.11378.qmail@ary.lan> <03e401d25fe5$5f32a5f0$1d97f1d0$@huitema.net> <6ec78001-e522-70cc-6592-0228492b8f74@dcrocker.net> <000201d26070$248a9030$6d9fb090$@huitema.net>
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
Message-ID: <49a2a831-a096-233a-3e48-0a87fa98e6ef@dcrocker.net>
Date: Tue, 27 Dec 2016 10:46:57 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1
MIME-Version: 1.0
In-Reply-To: <000201d26070$248a9030$6d9fb090$@huitema.net>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/rNJPnS_pePB28ICD-jcuEYL_XR8>
Cc: tytso@mit.edu
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Dec 2016 18:47:15 -0000

On 12/27/2016 10:36 AM, Christian Huitema wrote:
> On Tuesday, December 27, 2016 7:14 AM, Dave Crocker wrote:
>> On 12/26/2016 6:03 PM, Christian Huitema wrote:
>>> But your mail and many comments on this list point to the huge
>>> responsibility of the MUA with respect to phishing. Phishing is
>>> about duping the user by displaying misleading information. The
>>> effective defenses have to rely on proper user interface design,
>>
>> Unfortunately, this is mostly /not/ true.
>>
>> The actual experience, both in field work and usability research,
>> is that UI design does not affect user processing of phishing very
>> much. Neither design nor user training have much effect.
>>
>> Hence most effective phishing protection is in the filtering
>> engine(s) below the UI.
>
> We actually agree. In my mind, I was not thinking of UI as the
> arrangement of displayed pixels, but rather the intelligent selection
> of which information to present and what interactions to design.
> Without this local intelligence, MUA are not likely to handle the
> example that Viktor gave, "Joe Banker <joe@bank.notbank.example>".
> Among other examples. My point is that this intelligent filtering
> benefits from information about the user context, such as what bank
> the user normally deals with. That kind of information might be
> available in the user context, but is normally not available to the
> mail delivery system.

To that end, saying "MUA" might have some formal validity, but it does not help the discussion. Too many readers think it refers to something having to do with end-user interaction.

Worse, Viktor's line of logic presumes the modified From field somehow gets the message past filters better, and that is just plain wrong.

The modifications to the From line are intended for end users, not filtering engines.

(Whether they are actually helpful for end-users is a different discussion. cf, my previous note. To my knowledge, there have been no studies to establish that the ad hoc modifications are at all useful.)

d/

--
Dave Crocker
Brandenburg InternetWorking
bbiw.net