On Mon, 9 Dec 2024, Tero Kivinen wrote:
And if someone invents a way to use this attack vector to do something
bad (even if we have not invented how to use things for attacks does
not mean that someone does not do that in the future), how much you
want to do pay for us to come back in few years and fix the standard
and also all the implementations in short timeframe to stop that
attack?

Since we're talking about an attack that has been hypothetically possible for a decade but has never occured, the obvious answer is zero.

Furthermore, as I have pointed out several times, if someone wanted to send fake aggregate reports, there's no way to stop them. Bad guys can sign as easily as good guys. Separate reports for each domain would not change that.

  Email streams carrying DMARC feedback data MUST conform to the DMARC
  mechanism, thereby resulting in an aligned "pass" (see Section 3.1).

That is fine, if they're DKIM signed you can use the usual reputation analysis to decide whose mail to accept.

  This practice minimizes the risk of report consumers processing
  fraudulent reports.

That is not really true but it's not worth taking out.

That's fine, but now that everyone needs to update the XML they produce
anyway, ...

Uh, what?

Sorry, I was wrong there. Of course we need updated XML if only to add the flag for whether you did a tree walk. In my defense, tweaking the XML scripts and adding a few fields to the analysis datahases is a lot easier than completely redoing the way you send the reports. I've written analysis scripts, so I speak from some experience here.

Regards,
John Levine, jo...@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

_______________________________________________
dmarc mailing list -- dmarc@ietf.org
To unsubscribe send an email to dmarc-le...@ietf.org

Reply via email to