Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs
2010-09-30 20:22:54
On 9/30/10 8:15 AM, Steve Atkins wrote:
On Sep 30, 2010, at 4:05 AM, Charles Lindsey wrote:
On Wed, 29 Sep 2010 18:52:01 +0100, John Levine <johnl(_at_)iecc(_dot_)com>
wrote:
I was thinking of the various proposals to rewrite From:
addresses, to outlaw subject tags and message footers, and
otherwise change the behaviors that MLM users expect in order to
make them conform to various ideas of how DKIM and/or ADSP are
supposed to work.
But nowhere has anyone suggested REQUIRING any MLM to do any of
those things.
They are all offered as suggestions for things MLMs MIGHT do do
get themselves out of such DKIM-caused troubles as they find
themselves in.
There are no DKIM-caused troubles they could possibly get themselves
into.
If you mean ADSP, say ADSP. If you really mean DKIM you need to
expand on what sort of troubles you're talking about.
Agreed. Those receiving benefits from a protocol change have an
incentive to make additional efforts. Companies who employ email in
their services are finding customers will discontinue the service when
inundated with phishing attempts. The impact of this is more
significant than fraud losses related to phishing.
ADSP's use of From header fields to establish signature compliance is
incompatible with third-party services, unlike SPF's use of MailFrom
parameters for authorization compliance. Unfortunately, since SPF
compliance is based upon unseen header fields, it can not mitigate
receipt of phishing attempts and its authorizations fail more often than
DKIM validations.
The problem is clearly related to ADSP and not DKIM, although domains
publishing ADSP assertions can exclude phishing messages on behalf of
their customers. It is counter productive to suggest mailing-lists
should make changes when these services are not commonly used in
phishing attempts for several reasons.
Annotations applied by most mailing-lists allow sorting and recognition
of messages not received directly from the identity within the From
header field. Although the actual source of these messages is seldom
confirmed, the typical segregation of mailing-list messages from other
direct sources help prevent these services from becoming a likely
phishing exploitation vectors. Recommending that mailing-lists to
discontinue their annotations will cause problems, since these messages
often lack source authentication, and without annotations, recipients
will be unable to discern which are from less trustworthy sources.
Rather than suggesting changes to the From header field, it might be
better to have third-party services include a Sender header field
instead. After all, this was a feature found in the original SSP
draft, expecting to leverage "on behalf of" notations made by Outlook.
Changing the use of the From header field would require a number
handling changes that seem counter productive.
Is there a safe way to shift DKIM signature compliance based upon the
From header field to that of the Sender header field? The TPA-Label
scheme would be one such method, which also allows the use of the
List-ID header field as well. The TPA-Label scheme also has the domain
being phished making the greatest effort, as it should be.
Receivers that then implement this scheme benefit by having lower false
positive detections of illegitimate messages, while not seeing the
disruption of third-party services. This also avoids a bad practice of
using sub or cousin domains in attempts to limit protection rather than
seeking comprehensive solutions.
-Doug
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, (continued)
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Ian Eiloart
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Graham Murray
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Steve Atkins
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Ian Eiloart
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, John R. Levine
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Scott Kitterman
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, John Levine
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Murray S. Kucherawy
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Charles Lindsey
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Steve Atkins
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs,
Douglas Otis <=
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Alessandro Vesely
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Michael Deutschmann
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Ian Eiloart
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Ian Eiloart
- Re: [ietf-dkim] Corner cases and loose ends, was , draft-vesely-dkim-joint-sigs, Douglas Otis
- [ietf-dkim] Authorizing List Domains, Hector Santos
- Re: [ietf-dkim] Authorizing List Domains, Douglas Otis
- Re: [ietf-dkim] Authorizing List Domains, Murray S. Kucherawy
- Re: [ietf-dkim] Authorizing List Domains, Douglas Otis
- Re: [ietf-dkim] Authorizing List Domains, Murray S. Kucherawy
|
|
|