ietf
[Top] [All Lists]

Re: DMARC and yahoo

2014-04-21 14:15:57
On 4/21/2014 11:04 AM, Doug Royer wrote:

If yahoo sends out an email from list-name@yahoo, then that is where the
email is from.

Unfortunately, email is more complicated than that. There are multiple actors, taking multiple roles. The most important one to represent properly in the message is the author, shown in the rfc5322.from header field.

At the top level, an author is communicating with recipients, and often they need to be able to reply to to that author, without copying the other recipients. Mess with the original From field and the ability to reply is typically affected.

A mailing list is a mediator to this exchange, such that, yes, it takes formal delivery and formally posts a new message. However the 'original' author and the 'final' recipients still treat this as an exchange between them. The recipients are aware of the role of the mailing list, but they do not consider the mail to be 'from' the mailing list.

The mailing list is an originator, in formal terms, which is typically represented by the rfc5322.sender field.

Changing the rfc5322.From field to be different than what the original author created alters communication among the the participants.


So it would be correct to set the from/sender in the email to be

from/sender?  those are two different fields.


list-name(_at_)yahoo(_dot_)com.
Why try to make it fake anything?

If you want to preserve any digital signature in the original message,
then send the original email as a mime body part in the forwarded message.

Encapsulating the original message into a subordinate message has some appeal. It also well might have some additional attack vectors. In any event, it's an end-to-end change, probably affecting every entity handling the message.

d/


--
Dave Crocker
Brandenburg InternetWorking
bbiw.net

<Prev in Thread] Current Thread [Next in Thread>