Re: [dmarc-ietf] outsourcing strategies, and a newbie's question

Franck Martin <fmartin@linkedin.com> Fri, 05 April 2013 17:49 UTC

From: Franck Martin <fmartin@linkedin.com>
To: Alessandro Vesely <vesely@tana.it>, "dmarc@ietf.org" <dmarc@ietf.org>
Date: Fri, 05 Apr 2013 17:48:59 +0000
Message-ID: <77426B543150464AA3F30DF1A91365DE52EB992A@ESV4-MBX01.linkedin.biz>
In-Reply-To: <515F0680.9010203@tana.it>
Subject: Re: [dmarc-ietf] outsourcing strategies, and a newbie's question


On 4/5/13 10:14 AM, "Alessandro Vesely" <vesely@tana.it> wrote:

>Hi
>
>On Thu 04/Apr/2013 00:30:16 +0200 John Levine wrote:
>>>SMTP Mail From: communications@email.BigBank.com
>>>5322 From: communications.email.BigBank.com
>>>
>>>Neither of those lets the receiver know that the mail actually came
>>>from BigEmailers.com. You also have to
>>>manage private keys both within your own organization and with a 3rd
>>>party. Who knows how reliable they are?
>> 
>> Apparently reliable enough, since it's a very common way for big
>> companies to configure their ESP mail including the DKIM signatures.
>> If the ESP turns out to be corrupt or incompetent, the company always
>> has the option of removing the DNS delegation for email.bigbank.com,
>> installing poison records to make all the SPF and DMARC fail, and
>> using a different DNS name at their new ESP.
>
>I couldn't help thinking back to when you wrote:
>
>   In the physical world, banks have marble counters, vaults with
>   heavy steel doors, and other physical objects that are hard to
>   fake. A building that looks like a bank probably is a bank.
>      http://www.circleid.com/posts/fight_phishing_with_branding/
>
>All of that marble and heavy steel was built by external service
>providers who contracted those jobs.  Even surveillance is outsourced.
> The only reason for not delegating BigBank.com altogether would be if
>they want web and mail to be handled by different providers.  IMHO
>getting persuaded to outsource email to competent providers, lest be
>accused of insufficient protection against phishing, is the only way
>that banks can catch up.
>
>> I know that Forefront has a lot of big corporate customers, but it is
>> my impression that you're mostly doing individual mail, exactly the
>> kind that DMARC has the most trouble with due to forward to gmail,
>> mailing lists and the like.
>
>Newbie's question (be patient):  As I'm new to DMARC, perhaps I may
>ask why cannot a list manager or similar operator change the From:
>slightly?  For this message, that would be:
>
>IN:
>   From: Alessandro Vesely <vesely@tana.it>
>
>OUT:
>   From: Alessandro Vesely <vesely@tana.it> (sent by ietf.org)
>

What you describe, if I'm not mistaken, is not a valid email syntax (or a
deprecated one), but what your MUA presents you with.
http://tools.ietf.org/html/rfc5322#section-3.4 mailbox syntax

The use of the Sender: header for DMARC as an identifier was not adopted
because it could be easily abused (cf. systems like "send this article to a
friend") and not all MUAs display it to the user (or in a meaningful way).

However, and that's another topic, you could do:

From: "Alessandro Vesely (via IETF)" <dmarc@ietf.org>
Reply-To: "DMARC List" <dmarc@ietf.org>


or

From: "Alessandro Vesely (via IETF)" <dmarc@ietf.org>
Reply-To: "DMARC List" <dmarc@ietf.org>, "Alessandro Vesely"
<vesely@tana.it>

Note I also do not want to encourage people to put anything that looks
like an email address or domain in the friendly From part.
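As an added illustration (not code from the thread or from any of its participants), the following Python script shows three things the reply touches on: how a standard parser treats the "(sent by ietf.org)" text in the newbie's proposal (under RFC 5322 it is a comment after the angle-addr and is simply discarded, so it never reaches the address), how a list manager can build the two From/Reply-To rewrites suggested above, and a simple check that refuses to put anything address-like or domain-like into the friendly display name. The function names, the `via_label` parameter and the sample header values are assumptions constructed for this example; the addresses are the ones quoted in the thread.

```python
import re
from email.utils import formataddr, parseaddr

# Constructed sample header values for this example; they mirror the forms
# discussed in the thread but are not taken from any real message's raw headers.
ORIGINAL_FROM = "Alessandro Vesely <vesely@tana.it>"
COMMENTED_FROM = "Alessandro Vesely <vesely@tana.it> (sent by ietf.org)"

# Matches a bare '@' or a dotted, domain-looking token such as "tana.it".
_ADDRESS_LIKE = re.compile(r"@|(?<![\w-])[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+(?![\w-])")


def parse_from(value):
    """Return (display_name, addr_spec) the way a typical library or MUA extracts it.

    RFC 5322 treats "(sent by ietf.org)" after the angle-addr as a comment, so
    the parser drops it: the text never becomes part of the address.
    """
    return parseaddr(value)


def display_name_looks_like_address(name):
    """True if a display name carries an '@' or a domain-like token.

    Such names are what the reply warns against: a reader may mistake the
    friendly text for an authenticated address or domain.
    """
    return _ADDRESS_LIKE.search(name) is not None


def rewrite_from_for_list(original_from, list_addr, list_label, via_label,
                          include_author_in_reply_to=False):
    """Build the From:/Reply-To: rewrites proposed in the reply (hypothetical helper).

    The author's address moves out of From: (so the list's own domain is what
    DMARC aligns on) and, optionally, into Reply-To: beside the list address.
    """
    author_name, author_addr = parseaddr(original_from)
    if not author_addr:
        raise ValueError("original From: has no parseable address")
    # Fall back to the local part when the original carried no display name.
    base_name = author_name or author_addr.split("@", 1)[0]
    new_name = f"{base_name} (via {via_label})"
    if display_name_looks_like_address(new_name):
        raise ValueError("refusing to put an address-like string in the display name")

    reply_to = [formataddr((list_label, list_addr))]
    if include_author_in_reply_to:
        reply_to.append(formataddr((author_name, author_addr)))
    return {
        "From": formataddr((new_name, list_addr)),
        "Reply-To": ", ".join(reply_to),
    }


if __name__ == "__main__":
    print(parse_from(COMMENTED_FROM))
    for keep_author in (False, True):
        headers = rewrite_from_for_list(ORIGINAL_FROM, "dmarc@ietf.org",
                                        "DMARC List", "IETF",
                                        include_author_in_reply_to=keep_author)
        for field, value in headers.items():
            print(f"{field}: {value}")
        print()
```

`formataddr` quotes the display name automatically because the parentheses are RFC 5322 specials, which is why the output matches the quoted form shown in the reply; the `display_name_looks_like_address` guard is what turns the closing remark about not putting addresses or domains in the friendly part into an enforced rule rather than a convention.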