Re: [dmarc-ietf] From: munging, was Ratchets - Disallow PCT 1-99

Thu, 22 Jul 2021 12:23:42 -0700 

On Thu 22/Jul/2021 20:51:05 +0200 John Levine wrote:

It appears that Alessandro Vesely  <[email protected]> said:

On Wed 21/Jul/2021 20:05:41 +0200 Matthäus Wander wrote:

Alessandro Vesely wrote on 2021-07-21 19:41:
Some lists operate the evasion hack, a.k.a. From: munging, only if the sender has p=quarantine or p=reject, some do it unconditionally, some only if the mail is outbound, some only if the receiver is mail.ru. Behavior doesn't seem to be settled yet. 

We should add a section on From: munging in the spec.


It's explained as mitigation in RFC7960:
<https://datatracker.ietf.org/doc/html/rfc7960#section-4.1.3.1>


What's seems to be missing is a recommendation to not change DMARC validation 
behavior subject to p= or other conditions. A conditional validation makes 
p=none less useful for monitoring of potential delivery problems.



I agree that it's easier to deal with From: munging when it's done uniformly on 
all messages.


Lists change messages in all sorts of ways, not just for DMARC, and if
you want to try to unmunge them (mostly a losing battle in my
experience) you end up with an ever growing list of patterns and
replacements.




Yeah, for example X-Mailman-Original-DKIM-Signature.  It still seems to be 
manageable, though.




 However, I'm not sure whether to actually RECOMMEND to do so.


That's simple: no.  I can't imagine why we would expect list operators to take 
list
management instructions from the people who screwed up their lists in the first 
place.



:-)


Yet, From: munging itself resulted from cooperation between dmarcers and MLM 
people, didn't it?




Also remember that ARC is supposed eventually to remove the need for anti-DMARC 
munging.




What I imagine can happen is that receivers who can work out how to trust ARC 
will unmunge messages based on Original-From:, Author:, or similar field when 
ARC validates it.  Unmunging based on undoing list changes is an alternative. 
Neither method seems to reliably work every time for every one.  Therefore, 
From: munging is going to stay.



Best
Ale
--













_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc























					Reply via email to