On 11/27/2012 09:35 PM, Raman Gupta wrote:
> On 11/27/2012 02:08 AM, Roland Turner wrote:
>> On 27/11/2012 03:17, Raman Gupta wrote:
>>> I would think
>>> from a privacy perspective it's better for a domain's administrators to
>>> examine just emails that failed validation, rather than capturing all
>>> output and checking every single email sent.
>> Right, but this requires more engineering cleverness than is warranted
>> in your case.
> Your post has a note of condescension in it which is not appreciated.
> This may or may not be true -- you know little about me, or my
> clients, or the projects I am working on.
I intended no condescension. Constructive criticism is welcome, of course.
(Even after careful re-reading I don't see how you inferred
condescension. Given that your comments about what I [don't] know about
you, your clients and your projects appear to have nothing at all to do
with a discussion about approaches to determining which of eight
messages failed authentication, I suspect that you are reading into my
remarks something that just isn't there.)
> One thing mail receivers could possibly implement in the future is to
> give the *addressed recipient* the option to send the forensic report
> to the spoofed sender for verification of the spoof and/or criminal
> action against the phisher. The receiver may also expose the ability
> for the recipient to redact the parts of the email they wish to before
> sending the report. This would sidestep the issue of the addressed
> recipient's privacy rights.
As the intent of the entire exercise is to ensure that recipients never
see spoofed messages (to the extent that DMARC can make this
assessment), this doesn't feel like an approach that is likely to get
widespread implementation.
Part of the thinking behind DMARC feedback mechanisms is that while
complete unredacted copies of every failed message would potentially be
very useful to Domain Owners, redacted reports from Mail Receivers who
feel unable to send unredacted ones are still quite useful, aggregate
reports from Mail Receivers who feel unable to send even redacted ones
are still somewhat useful, etc. There was no intention or attempt to
create a universal feedback system, just to establish a standardised
means to do so without prior arrangement to the extent that Mail
Receivers are able to and perceive benefit in doing so. It is also true
that there are private arrangements - some direct, some mediated -
between major Domain Owners and Mail Receivers that disclose more data
than is exposed in response to the mere existence of DMARC DNS records.
- Roland
--
Roland Turner | Director, Labs
TrustSphere Pte Ltd | 3 Phillip Street #13-03, Singapore 048693
Mobile: +65 96700022 | Skype: roland.turner
[email protected] | http://www.trustsphere.com/
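As an added illustration of the least-revealing tier Roland describes (aggregate reports, which carry no message content), this is not code from the thread: it parses a constructed RFC 7489 style aggregate report and lists only the sending sources whose messages failed both DKIM and SPF alignment, which is what lets a Domain Owner look at "just emails that failed validation" without any receiver having to forward message copies. The organisation names, IPs and counts in the sample are made up.

```python
# Added example (not from the thread): summarise a DMARC aggregate (rua) report so a
# Domain Owner sees which sources failed authentication, with no message content involved.
import xml.etree.ElementTree as ET

# Constructed sample report in the RFC 7489 Appendix C layout; all values are made up.
SAMPLE_REPORT = """<?xml version="1.0"?>
<feedback>
  <report_metadata>
    <org_name>receiver.example</org_name>
    <report_id>example-1</report_id>
    <date_range><begin>1353974400</begin><end>1354060800</end></date_range>
  </report_metadata>
  <policy_published>
    <domain>sender.example</domain><adkim>r</adkim><aspf>r</aspf><p>reject</p>
  </policy_published>
  <record>
    <row><source_ip>192.0.2.10</source_ip><count>5</count>
      <policy_evaluated><disposition>none</disposition><dkim>pass</dkim><spf>pass</spf></policy_evaluated></row>
    <identifiers><header_from>sender.example</header_from></identifiers>
  </record>
  <record>
    <row><source_ip>198.51.100.7</source_ip><count>3</count>
      <policy_evaluated><disposition>reject</disposition><dkim>fail</dkim><spf>fail</spf></policy_evaluated></row>
    <identifiers><header_from>sender.example</header_from></identifiers>
  </record>
</feedback>"""

def failed_sources(report_xml):
    """Return [(source_ip, count, disposition)] for rows where neither DKIM nor SPF
    produced an aligned pass, i.e. the messages DMARC treated as unauthenticated."""
    root = ET.fromstring(report_xml)
    failures = []
    for rec in root.findall("record"):
        row = rec.find("row")
        pe = row.find("policy_evaluated")
        # policy_evaluated holds the aligned results; "pass" on either one is a DMARC pass
        if pe.findtext("dkim") != "pass" and pe.findtext("spf") != "pass":
            failures.append((row.findtext("source_ip"),
                             int(row.findtext("count")),
                             pe.findtext("disposition")))
    return failures

if __name__ == "__main__":
    domain = ET.fromstring(SAMPLE_REPORT).findtext("policy_published/domain")
    for ip, n, disp in failed_sources(SAMPLE_REPORT):
        print(f"{domain}: {n} message(s) from {ip} failed DMARC, disposition={disp}")
```

The same walk over `record` elements works on real aggregate reports, which receivers normally send as gzip or zip attachments that must be decompressed first.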
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)