Re: DKIM: Does DKIM provide adequate protection from a malicious domain


At 23:19 19-07-2005, Earl Hood wrote:

What prevents a malicious domain from spoofing a sender's address?
I.e.  Is there anything in DKIM that (effectively) prevents a malicious
domain from using my personal address, or any one elses address?

The receiver's domain determines what action to take if the emailfails verification. If the published sender's DKIM policy statesthat all email is signed, such spoofs can be caught.

Section 6.6 appears to try to address this, but I am not sure
it is strong enough:

 In order to retain the current semantics and visibility of the From
 header field, verifying mail agents SHOULD take steps to ensure
 that the signing address is prominently visible to the user if it
 is different from the From address. If MUA implementations that
 highlight the signed address are not available, this MAY be done
 by the validating MTA or MDA by rewriting the From address in a
 manner which remains compliant with [RFC2822]

Is SHOULD good enough?  And is rewriting, at least in the given
example, sufficient.

For example, ispoofyou.org creates the appropriate DNS records
containing all require key information for DKIM usage and
sends out a message like the following:

  DKIM-Signature: a=rsa-sha1; s=whatever; d=ispoofyou.org;
        c=simple; q=dns;
        h=Received : From : To : Subject : Date : Message-ID;
        b=dzdVyOfAKCdLXdJOc9G2q8LoXSlEniSbav+yuU4zGeeruD00lszZ
          VoG4ZHRNiYzR;
  Received: from 10.2.3.4-example.com  [10.2.3.4]
        by submitserver.example.com with SUBMISSION;
        Fri, 11 Jul 2003 21:01:54 -0700 (PDT)
  From: Joe User <joe(_dot_)user(_at_)example(_dot_)com>
  To: Suzie Q <suzie(_at_)shopping(_dot_)example(_dot_)net>
  Subject: I need your help?
  Date: Fri, 11 Jul 2003 21:00:37 -0700 (PDT)
  Message-ID: <20030712040037(_dot_)46341(_dot_)5F8J(_at_)example(_dot_)com>

  ...

Assuming appropriate re-writing is done, the final From would
be:

  "Joe User via <@ispoofyou.org>" <joe(_dot_)user(_at_)example(_dot_)com>

Is this enough for an end user to determine that Joe User actually
sent the email?

No, it isn't enough for Joe User. :) The MUA could display aprominent alert in such a case.


Regards,

-sm

<Prev in Thread]	Current Thread	[Next in Thread>
DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Earl Hood Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, SM <= Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Earl Hood Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, SM Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Dave Crocker Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, SM Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Michael Thomas Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Dave Crocker Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Earl Hood

Previous by Date:	Re: revised Proposed Charter, Dave Crocker
Next by Date:	Re: revised Proposed Charter, william(at)elan.net
Previous by Thread:	DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Earl Hood
Next by Thread:	Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?, Earl Hood
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: DKIM: Does DKIM provide adequate protection from a malicious domain from spoofing a sender's address?