Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles
2021-05-25 20:15:00
On 5/25/2021 5:50 PM, Sam Varshavchik wrote:
Dave Crocker writes:
Large mail systems all do this. We hoped that
there would be shared DKIM reputation lists like there are shared IP
lists but so far that hasn't happened.
This is never going to happen. Domains are relatively cheap. If a
domain acquires negative social credit it'll be discarded and
replaced by a new one.
One of the continuing, strategic challenges in anti-abuse work is that
people who work in it necessarily have a primary focus on bad actors.
A collaborative mechanism -- such as DKIM, where the originating site
literally signs up for identification and assessment -- creates a
challenge, in that evaluating good actors is quite a different job
from evaluating bad actors. It's not that good actors are perfect,
but that they are less likely to act badly and typically it won't be
intentionally.
So what you're saying is that usage of DKIM is more indicative of a good
actor than a bad actor.
Actually, no, that's not what I said. Bad actors are always the first
to adopt the newest anti-spam technologies, to abuse those unfortunates
who interpret DKIM the way you described.
DKIM establishes a clean (noise-free) channel from the signer, which
means that any assessment about them really is about them. If they are
bad actors, that is a lot easier to assess, as is if they are good actors.
Think misdemeanor rather than felony...
So the fact that domains are cheap is less relevant than a good actor
wanting to create a clean record of being a good actor.
I just did a rough search of my mailbox, looking at the proportion of
non-spam mail with DKIM-Signature: field versus the spam bin.
cf, above, about bad actors.
But nearly all other spam, the kind that I do have a major problem with,
the specific type that I'm bitching about, nearly all of it carries a
DKIM-Siganture: field. I only found very, very few exceptions to that.
For those assessed as bad actors, was any of their mail mixed in with
mail from a different signer who was assessed to be a good actor?
That differentiation is the value DKIM can provide. It eliminates or
reduces noise.
Now, to John's point, that DKIM alone is not indicative of reputation,
that it only serves to ascertain identity, and with that out of the way
you can now evaluate the proven identity's reputation. Well, the problem
with that is twofold:
1) There are no known (at least to me) established reputation providers.
And even if there are some that claim to be, history teaches that they
don't really accomplish much.
Gosh, you mean that each evaluator needs to formulate their own
criteria, about a complex, fuzzy topic? Yup!
2) So you're left with building and maintaining your own reputation
database.
That seems like a lot of work to me.
It is. Sad reality. Lot of criminals on the streets make safe
navigation challenging. Most people need to outsource their safety efforts.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [ietf-smtp] Email explained from first principles, (continued)
- Re: [ietf-smtp] Email explained from first principles, Peter J. Holzer
- Re: [ietf-smtp] Email explained from first principles, John Levine
- Re: [ietf-smtp] Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John Levine
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John Levine
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles,
Dave Crocker <=
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Dave Crocker
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John Levine
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Sam Varshavchik
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Nathaniel Borenstein
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, John C Klensin
- Re: [ietf-smtp] DKIM and DMARC, Email explained from first principles, Matthias Leisi
- Re: [ietf-smtp] Email explained from first principles, Dave Crocker
|
|
|