I support an initiative to validate other parts of the mail message, to inhibit the ability of criminal actors to spoof recipients. The topics that I think need attention include: Control untrusted content in the Friendly Name. As suggested, a mechanism is needed to hide or remove untrusted Friendly Names. This seems to require a way to sign the message with and without the Friendly Name included, as well as methods to configure policy defintions for Friendly Name trust.
Obstruct hijacking of corporate logos. Existing work with Digital Rights Identifiers seems to be the starting point for this effort. Validate routing paths and detect suspicious routes. ARC seems to provide this opportunity. Currently, any Received header, prior to the first one, cannot be fully trusted, because it might be spoofed. This is a source of concern even if criminals are not yet spoofing this content. ARC provides the opportunity to distinguish verified Received headers from unverified ones. The potential benefits of this information for spam filtering are not yet clear, but I believe those opportunities will become evident in the future. Embrace multiple authorship. We need to provide spam filters, mailing lists, and other intermediaries with the ability to add signed content without destroying existing signatures,. This will require MUAs that understand the multiple authors and can use that knowledge to display the content of different authors with appropriate identifying information. It will also require supporting protocols to allow incoming gateways and individual users with the ability to control whether an addition is trusted and visible or untrusted and hidden. These initiatives will add complexity to the email evaluation process. We know that anything which adds complexity will also create risk that email gateways will become confused and therefore vulnerable. These initiatives must be carefully vetted to avoid creating new attack methods. The criminals seem to have more imagination than the rest of us, so attack methods can be difficult to predict. Doug Foster ---------------------------------------- From: "Murray S. Kucherawy" <[email protected]> Sent: 7/25/20 9:49 AM To: Dotzero <[email protected]> Cc: IETF DMARC WG <[email protected]> Subject: Re: [dmarc-ietf] Fwd: Agenda requests for Madrid IETF On Fri, Jul 24, 2020 at 12:05 PM Dotzero <[email protected]> wrote: I would like to see an agenda item as to whether work around "Display Name" changes are in scope or out of scope for this effort and this working group. It would seem to me that any such efforts are more appropriate for the emailcore working group. A quick read of the current charters suggests to me that it's in scope for neither. That seems to be especially true for emailcore. Do you have such a change to propose? -MSK
_______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
