
Re: dmarc damage, was gmail users read on... [bozo subtopic]

2014-09-12 09:17:05
On Fri, Sep 12, 2014 at 09:27:42AM -0400, Theodore Ts'o wrote:

> But unfortunately, once the UI recognizes this case, would we not be
> imposing harm vis-a-vis phishing in particular?  And then DMARC Mark
> II (as it were) would have to prohibit the wrapping and require a wrap
> of a wrap, etc.
>
> There's no way of winning this.  But if we are going to go down this
> path, it would be useful to discuss what the UI would look at that
> meets the needs of mailing lists, but without potential harm of
> phishing.

Right, there's no way to win against phishing with narrow technical
counter-measures.  Phishing is not an attack on vulnerable computer
systems that follow rigid rules; it is an attack on vulnerable
fuzzy human reasoning about the online world.  Narrow defenses like
DMARC don't deter the phishers, but do damage the email infrastructure.
Sometimes more harm is done by over-eager defenders than by the
attackers.

The main effect of DMARC has been that 419 scammers now put the
Gmail, Yahoo, ... email address in "Reply-To:", rather than "From:".
Phishers also find other alternatives:

  Return-Path: <wanewviv(_at_)web116(_dot_)brainhost(_dot_)com>
  Received: from web116.brainhost.com (web116.brainhost.com [64.31.11.114])
          (using unknown with cipher DHE-RSA-AES256-SHA (256/256 bits))
          (No client certificate requested)
          by amnesiac (Postfix) with ESMTPS id 278102AB02B
          for <censored(_at_)example(_dot_)org>; Thu, 11 Sep 2014 13:16:11 +0000 (UTC)
  To: censored(_at_)example(_dot_)org
  Subject: Update You account PayPal
  From: trami zlal <PayPal(_at_)support(_dot_)com>

This phisher did not even bother to use a plausible Display Name.
The pitch in the message payload is by far the most important
element of the attack; the machine-readable "metadata" we protect
is not nearly as significant.

-- 
        Viktor.
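
The point made with the quoted headers, worked through as an added example that is not part of the original message: DMARC consults only the policy of the RFC5322.From domain, so a brand that appears in the display name, local part or subject is never checked. The function names, the two-label organizational-domain shortcut and the second sample are assumptions made for illustration.

```python
import email
from email.utils import parseaddr

# Headers from the message above, archive munging "(_at_)"/"(_dot_)" left as found.
PHISH = """\
Return-Path: <wanewviv(_at_)web116(_dot_)brainhost(_dot_)com>
To: censored(_at_)example(_dot_)org
Subject: Update You account PayPal
From: trami zlal <PayPal(_at_)support(_dot_)com>
"""

# Constructed sample of the Reply-To pattern (addresses are placeholders).
SCAM_419 = """\
From: Barrister Example <office@sender.example>
Reply-To: barrister.example@gmail.com
Subject: Urgent business proposal
"""

def org_domain(domain):
    # Assumption: last two labels stand in for the organizational domain;
    # a real DMARC evaluator uses the Public Suffix List.
    return ".".join(domain.lower().split(".")[-2:])

def addr_domain(header_value):
    # Domain of the first addr-spec in a header value, "" if absent.
    return parseaddr(header_value or "")[1].rpartition("@")[2]

def analyse(raw_headers, brand_domain):
    text = raw_headers.replace("(_at_)", "@").replace("(_dot_)", ".")
    msg = email.message_from_string(text)
    display, from_addr = parseaddr(msg.get("From", ""))
    from_org = org_domain(addr_domain(msg.get("From")))
    reply_org = org_domain(addr_domain(msg.get("Reply-To")))
    brand = brand_domain.split(".")[0].lower()
    visible = " ".join([display, from_addr.rpartition("@")[0], msg.get("Subject", "")])
    return {
        # DMARC looks up the policy of the RFC5322.From domain and nothing else.
        "policy_domain": from_org,
        "brand_policy_applies": from_org == org_domain(brand_domain),
        "brand_shown_to_reader": brand in visible.lower(),
        "spf_aligned": org_domain(addr_domain(msg.get("Return-Path"))) == from_org,
        "reply_to_diverges": bool(reply_org) and reply_org != from_org,
    }

if __name__ == "__main__":
    print(analyse(PHISH, "paypal.com"))
    print(analyse(SCAM_419, "gmail.com"))
```

For the quoted message the reader sees "PayPal" while the policy lookup goes to support.com; for the constructed 419 sample the Gmail address sits in Reply-To, outside anything DMARC evaluates.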
