Re: [Shutup] [ietf-smtp] Proposed Charter for something
"Christian Huitema" <huitema@huitema.net> Thu, 10 December 2015 18:48 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: shutup@ietfa.amsl.com
Delivered-To: shutup@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2650A1ACD30 for <shutup@ietfa.amsl.com>; Thu, 10 Dec 2015 10:48:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GTtg5kAC8Mu6 for <shutup@ietfa.amsl.com>; Thu, 10 Dec 2015 10:48:41 -0800 (PST)
Received: from xsmtp04.mail2web.com (xsmtp04.mail2web.com [168.144.250.231]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8BADD1ACD04 for <shutup@ietf.org>; Thu, 10 Dec 2015 10:48:41 -0800 (PST)
Received: from [10.5.2.31] (helo=xmail09.myhosting.com) by xsmtp04.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1a76GV-0000fv-TO for shutup@ietf.org; Thu, 10 Dec 2015 13:48:40 -0500
Received: (qmail 31084 invoked from network); 10 Dec 2015 18:48:30 -0000
Received: from unknown (HELO huitema2) (Authenticated-user:_huitema@huitema.net@[131.107.147.15]) (envelope-sender <huitema@huitema.net>) by xmail09.myhosting.com (qmail-ldap-1.03) with ESMTPA for <johnl@taugh.com>; 10 Dec 2015 18:48:30 -0000
From: Christian Huitema <huitema@huitema.net>
To: 'John Levine' <johnl@taugh.com>, shutup@ietf.org
References: <20151210144814.GA16386@lapsedordinary.net> <20151210151541.68326.qmail@ary.lan>
In-Reply-To: <20151210151541.68326.qmail@ary.lan>
Date: Thu, 10 Dec 2015 10:48:41 -0800
Message-ID: <09ee01d1337b$64881950$2d984bf0$@huitema.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AQLGihlIx8XgxnwAvMMRHGeScaCZr5zZ4Axw
Content-Language: en-us
Archived-At: <http://mailarchive.ietf.org/arch/msg/shutup/SjzXZ4tG-vEJ8X3My-LvzwrRXhw>
Cc: martijn@lapsedordinary.net
Subject: Re: [Shutup] [ietf-smtp] Proposed Charter for something
X-BeenThere: shutup@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SMTP Headers Unhealthy To User Privacy <shutup.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/shutup>, <mailto:shutup-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/shutup/>
List-Post: <mailto:shutup@ietf.org>
List-Help: <mailto:shutup-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/shutup>, <mailto:shutup-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Dec 2015 18:48:43 -0000
On Thursday, December 10, 2015 7:16 AM, John Levine wrote: > ... > >The real question is: would spam filters still be able to do a good > >enough job if we removed these things? > > No, it's not. The question is whether there would be an overall gain in users' > privacy since providers would likely be less able to combat phishing and > other privacy attacks. > > Spam filtering is just part of it, and in this case not where the most important > effects would be. I am not sure I understand correctly, but it seems the reference to phishing is in the context of "impersonated users." Bob receives a mail that appears to come from "Alice@example.com." Everything matches, SPF, DKIM, DMARC. So Bob actually believes the mail comes from Alice, and opens the attachment. But the mail actually comes from the evil Eve, who somehow managed to acquire Alice's password, and submitted the phishing message by authenticating as Alice to Alice's MSA. In that context, if Bob's UA notices that the submission IP comes from Upper Nowheristan instead of the usual Mirrorland, Bob's UA could pop up a warning, or block the message. Is that a correct summary of the concern? -- Christian Huitema
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… John Levine
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Martijn Grooten
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Dave Crocker
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… John C Klensin
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… John Levine
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Martijn Grooten
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Richard Clayton
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Martijn Grooten
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Martijn Grooten
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Steve Atkins
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Richard Clayton
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Chris Lewis
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Hector Santos
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Christian Huitema
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Chris Lewis
- Re: [Shutup] [ietf-smtp] Proposed Charter for som… Christian Huitema