Re: Will mailing lists survive DMARC?

Mikael Abrahamsson <swmike@swm.pp.se> Tue, 29 April 2014 13:29 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/ynq6FC3MhPFibTQa09oqfQPI8A4

On Tue, 29 Apr 2014, Dave Crocker wrote:

> On 4/29/2014 6:03 AM, Mikael Abrahamsson wrote:
>> I quickly went through
>> https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1
>> which I guess is the draft we're discussing? As far as I can tell, it
>> doesn't "inform" about the problem DMARC causes in conjunction with
>> quite prevalent mailing list functionality.
>
>
> Well, it does, but not in the most pedagogical fashion one might wish for. 
> "Obscure" wouldn't be an inappropriate characterization...
>
>   Appendix C.  DMARC XML Schema
>   ...
>   Descriptions of the PolicyOverrideTypes:
>   ...
>   mailing_list:  Local heuristics determined that the message arrived
>      via a mailing list, and thus authentication of the original
>      message was not expected to succeed.

I also found text in A.3:

"A.3.  Sender Header Field

    It has been suggested in several message authentication efforts that
    the Sender header field be checked for an identifier of interest, as
    the standards indicate this as the proper way to indicate a
    re-mailing of content such as through a mailing list.  Most recently, it
    was a protocol-level option for DomainKeys, but on evolution to DKIM,
    this property was removed.

    The DMARC development team considered this and decided not to include
    support for doing so, for two primary reasons:
...
    2.  Although it is certainly true that this is what Sender is for,
        its use in this way is also unreliable, making it a poor
        candidate for inclusion in the DMARC evaluation algorithm."

So... just because this is a hard problem to solve doesn't mean it's a 
good idea to just gloss over it and say "screw it" for mailing lists.

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se
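
The interaction discussed in this thread, as an added example that is not part of the original message or of the draft: a simplified DMARC alignment check applied to one message before and after a list relay. The Message fields, relay_through_list, the two-label organizational-domain shortcut and all domains are assumptions made for illustration.

```python
# Added example. Assumptions: the organizational domain is taken as the last
# two labels (real evaluators use the Public Suffix List), and every domain
# and authentication result below is constructed.
from dataclasses import dataclass, replace
from typing import Optional

def org_domain(domain: str) -> str:
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(from_domain: str, auth_domain: str, strict: bool = False) -> bool:
    """Strict alignment needs an exact match; relaxed compares org domains."""
    if strict:
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

@dataclass(frozen=True)
class Message:
    header_from: str       # From: domain, the identifier DMARC evaluates
    sender: Optional[str]  # Sender: domain, carried but never consulted (A.3)
    spf_domain: str        # envelope sender domain that SPF checked
    spf_pass: bool
    dkim_domain: str       # d= of the DKIM signature
    dkim_pass: bool

def dmarc_pass(msg: Message) -> bool:
    """Pass if SPF or DKIM passed for a domain aligned with header_from."""
    spf_ok = msg.spf_pass and aligned(msg.header_from, msg.spf_domain)
    dkim_ok = msg.dkim_pass and aligned(msg.header_from, msg.dkim_domain)
    return spf_ok or dkim_ok

def relay_through_list(msg: Message, list_domain: str,
                       modifies_content: bool = True) -> Message:
    """Model a list: new envelope sender, Sender: set, From: left untouched."""
    return replace(msg, sender=list_domain, spf_domain=list_domain,
                   spf_pass=True,
                   dkim_pass=msg.dkim_pass and not modifies_content)

# Constructed sample: one message seen directly and via two kinds of list.
direct = Message("author.example", None, "author.example", True,
                 "author.example", True)
relayed = relay_through_list(direct, "lists.example.org")
untouched = relay_through_list(direct, "lists.example.org",
                               modifies_content=False)

if __name__ == "__main__":
    for name, m in [("direct", direct), ("relayed", relayed),
                    ("untouched", untouched)]:
        print(name, "pass" if dmarc_pass(m) else "fail")
```

The relayed copy fails even though SPF passes for the list's own domain and Sender names the list, because neither aligns with the From: domain; the copy the list left unmodified still passes on the author's DKIM signature.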