[Mailsec] Re: SMTP headers in DATA block?

John R Levine <johnl@taugh.com> Tue, 10 June 2025 11:50 UTC

Date: Tue, 10 Jun 2025 13:50:12 +0200
Message-ID: <2d5eb505-e1e3-1ef9-4eac-dfd691997358@taugh.com>
From: John R Levine <johnl@taugh.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
In-Reply-To: <CAL0qLwYsHp=p1mMjJkL_ZnBcpzL2GMWnwrNH-scOgznE3ja4_A@mail.gmail.com>
References: <5223991.nocEyzAEji@workstation.vm.ideapad.lan> <35058772-8cdf-55f3-680a-8d8252f692a1@taugh.com> <9160842.Sb9uPGUboI@thonkpad.lan> <83307111.hWhx571oVS@workstation.vm.ideapad.lan> <CAL0qLwYsHp=p1mMjJkL_ZnBcpzL2GMWnwrNH-scOgznE3ja4_A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
CC: mailsec@ietf.org
Subject: [Mailsec] Re: SMTP headers in DATA block?
List-Id: Email Security Issues <mailsec.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/mailsec/Stxat_WLyMjkleL9g5j6zPFs0vE>

On Tue, 10 Jun 2025, Murray S. Kucherawy wrote:
> Even if you do add the header field and it is presented to users, my
> inclination is to believe that this will just be either ignored or more
> confusing for users, who tend to lean toward assuming something is
> legitimate in the presence of at least partial information that looks
> familiar.
>
> I don't have a better suggestion, but I'm skeptical that this would be a win.

All my experience says that the right place to do mail filtering is the 
MDA.  It has all of the information and has all the options about what to 
do with the mail.  There are MUAs that try to do filtering but that's 
mostly an historical artifact from a long time ago when MDA filtering 
didn't happen.

Anything this header is supposed to enable should be easier to do in the 
MDA.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly