[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] Re: RMX evaluation / Paul Vixie's procedure

To: "'william@elan.net'" <william@elan.net>, Tom Thomson <tthomson@neosinteractive.com>
Subject: RE: [Asrg] Re: RMX evaluation / Paul Vixie's procedure
From: "Eric D. Williams" <eric@infobro.com>
Date: Tue, 13 May 2003 11:17:56 -0400
Cc: "asrg@ietf.org" <asrg@ietf.org>
List-archive: <https://www1.ietf.org/pipermail/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Organization: Information Brokers, Inc.
Sender: asrg-admin@ietf.org

It seems to me that validating a mailing list delivery the transaction would go 
something like:

mail from: thelistsoftware@domain.name
rcpt to: thelistrecipient@otherdomain.name

the from may very well say:

From: somelistposter@stillanotherdomain.name
To: thelist@domain.name, someotherposter@quitealongdomain.name
Cc: me@mydomain.name

[content]

Where RMX does its check (mail-from) the 'tests' would not fail, ie. the list 
software is valid for originating mail from thelistsoftware@domain.name.  I do 
see your point with further checks on the message content headers, but it does 
not appear that the RMX check (as currently proposed) would fail in that 
regard.  Further, if the list software were to deliver with the following 
envelope:

mail from: somelistposter@stillanotherdomain.name
rcpt to: thelistrecipient@otherdomain.name

The RMX check would fail appropriately, as the delivering system (the list 
system) is/would not be allowed to envelope a message using that information. 
 Where you state the MUA may do header re-writing to some effect e.g. adding a 
sender line for example Sender: somelistposter@stillanotherdomain.name.  That 
would be appropriate however, if the line were Sender: 
thelistsoftware@domain.name, while not inaccurate may lead to end-user 'issues' 
with determining an appropriate originator (though not an inaccurate 
originator).

It seems to me that is an implementation issue in two places, a) with the list 
software developer - "am I friendly to RMX capable MTAs" and b) the MUA 
developer - "does my MUA support header rewriting in a way friendly to list 
software"; there may be a third issue with MTA header re-writing (in the first 
case), but IMHO that is not an MUA issue except where it intersects with 
end-user/UI usability (read expected behavior) issues.  Also, I don't think RMX 
considers (in-depth) header rewriting because the FSM of RMX is not involved 
directly in that process.

-e

On Tuesday, May 13, 2003 5:49 AM, william@elan.net [SMTP:william@elan.net] 
wrote:
> You'v already answered your own question. The client/end-user mail reader
> is adding "Sender:" header to the email, that is not a proper behavior,
> the sender should be added by sending MUA or MTA. ...
8<...>8
> The problem is that if you were using "From:" header for RMX validation
> you would as in example below see "william@elan.net" but actual message
> came from "ietf.org" server and so the mail would not be validated and
> would fail RMX. Using "Sender:" headeris also not possible since "Sender:"
> could have been set by by MUA (mine is configured not to do that) and then
> there are different maillist programs and majority will actually not set
> "Sender" or will not reset it to themselve if header already exists
> (some will add 2nd "Sender:" header, but this is rare and considered a bug,
> though I think RFC2828 does not explicitly forbid this), so again it fails
> with mail lists. This leaves MAIL FROM to be used for RMX validation and
> this is what all current RMX-like drafts propose. But as you quite well
> illustrated the MAIL FROM is not even seen by end-users and it means
> spammer can use one domain for MAIL-FROM (which would random domain
> without any RMX record) and use another domain for "From:" and most users
> will still consider email as having come from the listed "From:" address.
> And as for the "Sender:" header, spammers quite often set that as well.
>
> On Tue, 13 May 2003, Tom Thomson wrote:
>
> > william@elan.net wrote on 09 May 2003 at 06:06
...
> > I've appended below the email headers that Outlook reports for the message
> > to which I am replying.  If you think any of these is not correct (ie
> > Outloook has got it wrong) please let me know and I'll take it up with M$.
> > If you don't think any of it is wrong, perhaps you'll not make silly
> > accusations about Outlook in future.
...
> > Received: from www1.ietf.org ([132.151.1.19]) by mail.neosinteractive.com
> > with Microsoft SMTPSVC(5.0.2195.5329);
> > 	 Fri, 9 May 2003 13:29:26 +0100
> > Received: from www1.ietf.org (localhost.localdomain [127.0.0.1])
> > 	by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h4982I811640;
> > 	Fri, 9 May 2003 04:02:18 -0400
> > Received: from ietf.org (odin.ietf.org [132.151.1.176])
> > 	by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h497xr811361
> > 	for <asrg@optimus.ietf.org>; Fri, 9 May 2003 03:59:53 -0400
> > Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1])
> > 	by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA08152
> > 	for <asrg@ietf.org>; Fri, 9 May 2003 03:49:32 -0400 (EDT)
> > From: william@elan.net
> > Received: from ietf-mx ([132.151.6.1])
> > 	by ietf-mx with esmtp (Exim 4.12)
> > 	id 19E2fG-0002N4-00
> > 	for asrg@ietf.org; Fri, 09 May 2003 03:51:34 -0400
> > Received: from sokol.elan.net ([216.151.192.200])
> > 	by ietf-mx with esmtp (Exim 4.12)
> > 	id 19E2fF-0002N1-00
> > 	for asrg@ietf.org; Fri, 09 May 2003 03:51:33 -0400
> > Received: from sokol.elan.net (localhost.localdomain [127.0.0.1])
> > 	by sokol.elan.net (8.12.5/8.12.5) with ESMTP id h495627W017107
> > 	for <asrg@ietf.org>; Thu, 8 May 2003 22:06:02 -0700
> > Received: from localhost (william@localhost)
> > 	by sokol.elan.net (8.12.5/8.12.5/Submit) with ESMTP id h49562ML017103
> > 	for <asrg@ietf.org>; Thu, 8 May 2003 22:06:02 -0700
> > X-Authentication-Warning: sokol.elan.net: william owned process doing -bs
> > To: asrg@ietf.org
> > Subject: Re: [Asrg] Re: RMX evaluation / Paul Vixie's procedure
> > In-Reply-To: <200305090131.33356@grx>
> > Message-ID: <Pine.LNX.4.44.0305082050400.1089-100000@sokol.elan.net>
> > MIME-Version: 1.0
> > Content-Type: TEXT/PLAIN; charset=US-ASCII
> > Sender: asrg-admin@ietf.org
> > Errors-To: asrg-admin@ietf.org
> > X-BeenThere: asrg@ietf.org
> > X-Mailman-Version: 2.0.12
> > Precedence: bulk
> > List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,
> > 	<mailto:asrg-request@ietf.org?subject=unsubscribe>
> > List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
> > List-Post: <mailto:asrg@ietf.org>
> > List-Help: <mailto:asrg-request@ietf.org?subject=help>
> > List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,
> > 	<mailto:asrg-request@ietf.org?subject=subscribe>
> > List-Archive: <https://www1.ietf.org/pipermail/asrg/>
> > Date: Thu, 8 May 2003 22:06:02 -0700 (PDT)
> > Return-Path: asrg-admin@ietf.org
> > X-OriginalArrivalTime: 09 May 2003 12:29:26.0747 (UTC)
> > FILETIME=[A15052B0:01C31626]
>
> _______________________________________________
> Asrg mailing list
> Asrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Prev by Date: Re: [Asrg] C/R Thoughts: Take 1
Next by Date: [Asrg] Crypto-based alternative to RMX
Previous by thread: RE: [Asrg] Does the group have a future?
Next by thread: [Asrg] RE: camram/sender pays e-mail system
Index(es):
- Date
- Thread