On Sun, Aug 7, 2022 at 6:41 PM John R Levine <jo...@taugh.com> wrote:

> Moving this back to the main list:
>
> I said:
> Even if I agreed that it would be a good idea for every mailing list in the
> world to rewrite From lines so it's harder to tell who the messages are from
> and you can't reply reliably, there's no way that would survive last call.
> Remember that a few large mail providers abused DMARC to outsource the cost
> of leaking their user address books to crooks, and screwed up every mailing
> list in the world as a side effect.
> Blaming the victim is not the answer. Unfortunately, there is no good answer.
>
> Scott said:
> Agreed. On my phone I use an MUA which will display either the friendly name
> or the address, not both. I routinely get messages that I can't tell who they
> are from without reading the raw header if someone forgets to put their name
> at the end of the mail because I no longer get their address in the normal
> display thanks to rewriting. I think, as was discussed at the meeting, what
> types of domains DMARC is suitable for needs to have some kind of MUST or
> MUST NOT depending on how it's worded, then with some non-normative words in
> an appendix which discusses options for damage containment when the MUST is
> ignored.
>

I'm surprised that John did not invoke King Canute at this comment. That
ship has sailed. The horse bolted the barn and closing the barn door won't
put the horse back in. Domain administrators will implement DMARC policy or
not as they choose.


>
> On Sun, 7 Aug 2022, Alessandro Vesely wrote:
> > Saying that domains with human users MUST NOT use DMARC is not a solution
> > either.  The wording has to express the explanation Pete gave at the
> > meeting, which sounds very close to RFC 6919.
> >
> > Letting the victim die is not the solution either.  Among the solutions
> > that MLMs adopt, some allow undoing From: rewriting at the MDA level.  ARC
> > doesn't preclude From munging.  ARC verifiers can restore the original
> > From: at rMDA level too.  Actually, small receivers can simply trust
> > selected, DMARC-aligned mailing lists and restore the original From: in
> > the cases where the MLM saved it (w/o ARC).  This kind of hack could be
> > set up really quickly.
>
> Please, please, can we stop doing this.  Trying to unmunge rewritten From:
> headers is totally out of scope for this group, and even if it weren't it
> does not scale and has terrible security problems.  (If good guys can put
> in real rewrites, bad guys can put in fake rewrites, and if a recipient
> can tell whose rewrites are good enough to unmunge, it can equally well
> ignore whatever problem the rewrite was supposed to fix.)
>

+1

>
> I will try and write something similar to what Scott suggests, describing
> the problems without making us look foolish, and mentioning that there are
> workarounds if you insist on sending p=reject messages on paths that DMARC
> cannot describe.
>

I look forward to seeing this.

>
> R's,
> John
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>
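As an added illustration of John's point above (not code from the thread or from any MLM), the following Python sketch shows why a receiver cannot verify a restored From: from header contents alone: a forged message can carry the same "original From" header as a genuinely relayed one, and once the From: is restored neither message is DMARC-aligned any more. The X-Original-From header name, the addresses and the pre-computed authenticated domains are constructed assumptions.

```python
from email.utils import parseaddr, formataddr

def from_domain(msg):
    """Domain of the RFC5322.From address, lower-cased (None if unparsable)."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower() or None

def mlm_rewrite(msg, list_name, list_addr):
    """What a From-munging MLM does: put a list-owned address in From: and keep
    the author in Reply-To and in an extra header for later 'unmunging'."""
    name, addr = parseaddr(msg["From"])
    out = dict(msg)
    out["X-Original-From"] = formataddr((name, addr))  # assumed header name
    out["Reply-To"] = out["X-Original-From"]
    out["From"] = formataddr((f"{name or addr} via {list_name}", list_addr))
    return out

def naive_unmunge(msg):
    """A receiver that trusts X-Original-From: and copies it back into From:."""
    out = dict(msg)
    if "X-Original-From" in out:
        out["From"] = out["X-Original-From"]
    return out

def dmarc_aligned(msg, authenticated_domain):
    """Strict DMARC identifier alignment: the From: domain must equal the domain
    that DKIM or SPF authenticated (passed in here instead of a real check)."""
    return from_domain(msg) == authenticated_domain.lower()

def demo():
    # Constructed sample: a genuine post relayed by the list, and a forgery that
    # carries the same X-Original-From: but never went through the list.
    real = mlm_rewrite({"From": "Alice <alice@bank.example>"},
                       "dmarc", "dmarc@list.example")
    forged = {"From": "Alice via dmarc <dmarc@list.example>",
              "X-Original-From": "Alice <alice@bank.example>"}
    # As delivered, alignment tells them apart: list.example signed the real
    # one, attacker.example signed the forgery.
    real_ok = dmarc_aligned(real, "list.example")
    forged_ok = dmarc_aligned(forged, "attacker.example")
    # After unmunging both carry the same From: and neither aligns, so the
    # receiver can only accept by trusting the relaying domain outright.
    same_from = naive_unmunge(real)["From"] == naive_unmunge(forged)["From"]
    unmunged = (dmarc_aligned(naive_unmunge(real), "list.example"),
                dmarc_aligned(naive_unmunge(forged), "attacker.example"))
    return real_ok, forged_ok, same_from, unmunged
```

The result of `demo()` is `(True, False, True, (False, False))`: alignment distinguishes the two as delivered, but not after the From: has been put back.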
