Re: [Shutup] [ietf-smtp] Proposed Charter for something

"Christian Huitema" <huitema@huitema.net> Thu, 10 December 2015 18:48 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2650A1ACD30 for <shutup@ietfa.amsl.com>; Thu, 10 Dec 2015 10:48:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GTtg5kAC8Mu6 for <shutup@ietfa.amsl.com>; Thu, 10 Dec 2015 10:48:41 -0800 (PST)
Received: from xsmtp04.mail2web.com (xsmtp04.mail2web.com [168.144.250.231]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8BADD1ACD04 for <shutup@ietf.org>; Thu, 10 Dec 2015 10:48:41 -0800 (PST)
Received: from [10.5.2.31] (helo=xmail09.myhosting.com) by xsmtp04.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1a76GV-0000fv-TO for shutup@ietf.org; Thu, 10 Dec 2015 13:48:40 -0500
Received: (qmail 31084 invoked from network); 10 Dec 2015 18:48:30 -0000
Received: from unknown (HELO huitema2) (Authenticated-user:_huitema@huitema.net@[131.107.147.15]) (envelope-sender <huitema@huitema.net>) by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA for <johnl@taugh.com>; 10 Dec 2015 18:48:30 -0000
From: "Christian Huitema" <huitema@huitema.net>
To: "'John Levine'" <johnl@taugh.com>, <shutup@ietf.org>
References: <20151210144814.GA16386@lapsedordinary.net> <20151210151541.68326.qmail@ary.lan>
In-Reply-To: <20151210151541.68326.qmail@ary.lan>
Date: Thu, 10 Dec 2015 10:48:41 -0800
Message-ID: <09ee01d1337b$64881950$2d984bf0$@huitema.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQLGihlIx8XgxnwAvMMRHGeScaCZr5zZ4Axw
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/SjzXZ4tG-vEJ8X3My-LvzwrRXhw>
Cc: martijn@lapsedordinary.net
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for something
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Dec 2015 18:48:43 -0000

On Thursday, December 10, 2015 7:16 AM, John Levine wrote:
> ... 
> >The real question is: would spam filters still be able to do a good
> >enough job if we removed these things?
> 
> No, it's not.  The question is whether there would be an overall gain in
users'
> privacy since providers would likely be less able to combat phishing and
> other privacy attacks.
> 
> Spam filtering is just part of it, and in this case not where the most
important
> effects would be.

I am not sure I understand correctly, but it seems the reference to phishing
is in the context of "impersonated users." Bob receives a mail that appears
to come from "Alice@example.com." Everything matches, SPF, DKIM, DMARC. So
Bob actually believes the mail comes from Alice, and opens the attachment.
But the mail actually comes from the evil Eve, who somehow managed to
acquire Alice's password, and submitted the phishing message by
authenticating as Alice to Alice's MSA. In that context, if Bob's UA notices
that the submission IP comes from Upper Nowheristan instead of the usual
Mirrorland, Bob's UA could pop up a warning, or block the message. Is that a
correct summary of the concern?

-- Christian Huitema