> We've been looking at weak dkim from the angle of reducing what's covered
> by the signature... but unfortunately, that takes out the major parts of
> the message that we care about.
>
> I'm wondering if there is a different alternative.
When we were doing DKIM, we went around and around and around trying to figure out what sort of modifications we could allow and still consider messages to be "the same", with negligible success. All we came up with was relaxed canon and l=NN.

The point of relaxed was to allow for the sort of message tidying up that sendmail used to do before people understood the distinction between mail submission and mail relay. It is my impression that these days it's rare to have a message that passes relaxed that wouldn't also pass strict.

The point of l= was to allow mailing lists to add footers, not so much because we thought that would solve a lot of problems but because it was the only thing we could think of that might solve one problem, and it was cheap to specify and implement. Again, I don't get the impression that it's used very much, and messages with l=N would usually pass anyway.

Google has some great algorithms people, so maybe they can come up with some essence-of-message fingerprint that works, but I'd be surprised. Anything that a mailing list might do to add innocuous text to a message, a spammer can do the same but adding spam text. I don't see any way around that. We can probably come up with a hack for subject lines just because subject lines are so short, but I'd be pretty surprised if anything more general were workable.

(Proposed subject hack: add a new code to DKIM-Signature that says to use the copied subject from z= when verifying the signature, but only if the contents of that subject are a substring of the current subject. De-MIME-ing is a quality-of-implementation issue.)

For my double signing hack, I'm coming at it from the other direction: what problem are we trying to solve? When AOL and Yahoo made their unfortunate DMARC decisions, they had a very concrete problem to solve. They'd allowed crooks to steal address books, so Yahoo (or AOL) users were getting spam with Yahoo addresses of people they knew, sent from random botnets, not from Yahoo.
I believe that double signing still solves 99.9% of that problem while allowing mailing lists to do most of what they ordinarily do. While it is true that a malicious re-signing mediator could still delete the contents of a weakly signed message and replace it with spam, this greatly decreases the attack surface. The malicious party has to have a recent real message in hand from the real author, and the real author's mail system has fine-grained control over who they allow to re-sign.

Start with a heuristic about what domains are likely to be mailing lists (something I know gmail has from the comments in the aggregate reports), put weak signatures on mail sent to them. If a particular mediator's spamminess spikes, you can stop putting weak signatures on mail to the bad actor without having to break mail to everyone else.

For incoming mail, the double signature allows you to tell the difference between direct mail and mediated mail, with the double signature not meaning that the mail is "real", but rather that it came via someone with at least a weak relationship with the author so it's likely non-horrible enough to be worth running through the normal spam filters. This does require heuristics and tuning, but so does any spam filter, and what this does seems similar to what any spam filter does anyway.

R's,
John

_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc
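As an added illustration of the relaxed canonicalization and l= behaviour discussed in the message above (example code written for this page, not code from the thread or from any DKIM implementation): it computes the RFC 6376 relaxed body hash over a constructed sample message, shows that a list footer appended past the l= boundary leaves the hash intact, and shows the caveat John raises, that appended spam text passes the same check. The sample message, footer and spam text are constructed here.

```python
import base64
import hashlib
import re
from typing import Optional

def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 section 3.4.4 'relaxed' body canonicalization (CRLF line endings)."""
    out = []
    for line in body.split(b"\r\n"):
        line = re.sub(rb"[ \t]+", b" ", line)  # collapse runs of whitespace to one SP
        out.append(line.rstrip(b" \t"))         # drop trailing whitespace on each line
    while out and out[-1] == b"":               # drop empty lines at the end of the body
        out.pop()
    return b"".join(line + b"\r\n" for line in out)

def body_hash(body: bytes, l: Optional[int] = None) -> str:
    """The bh= value: SHA-256 over the canonical body, truncated to l= bytes if l is set."""
    canon = relaxed_body(body)
    if l is not None:
        canon = canon[:l]
    return base64.b64encode(hashlib.sha256(canon).digest()).decode()

# Constructed sample message; FOOTER is what a list might append, SPAM what a bad actor might.
ORIGINAL = b"Hi all,\r\n\r\nPatch  attached.\t\r\n--\r\nAlice\r\n"
FOOTER = b"_______________________________________________\r\nlist mailing list\r\n"
SPAM = b"\r\nBuy now at http://spam.example/\r\n"

def sign(body: bytes, use_l: bool):
    """Return (bh, l) as a signer would place them in DKIM-Signature."""
    l = len(relaxed_body(body)) if use_l else None
    return body_hash(body, l), l

def verify(body: bytes, bh: str, l: Optional[int]) -> bool:
    """Verifier side: recompute the body hash with the signer's l= and compare."""
    return body_hash(body, l) == bh

if __name__ == "__main__":
    bh, l = sign(ORIGINAL, use_l=False)
    print("no l=, footer added:", verify(ORIGINAL + FOOTER, bh, l))  # False
    bh, l = sign(ORIGINAL, use_l=True)
    print("l= set, footer added:", verify(ORIGINAL + FOOTER, bh, l))  # True
    print("l= set, spam added:  ", verify(ORIGINAL + SPAM, bh, l))    # True
```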
