That reads to me as guidance for DMARC implementers on how to integrate SPF and
DKIM results for the purposes of DMARC. I think that's in scope for DMARCbis.
There's a multitude of ways people can screw these things up and we won't be
able to cover them all. The guidance needs to be somewhat
1) a receiver that will forward quarantined messages, and
do so without changing the bounce address. Solution: Don't Do That.
That's a confounding issue but not the root problem I think. Even if
Microsoft were to implement keeping the bounce address, it just means that
the spammer has to s
I don't think having this language is saying you can't do SPF. Rather this
is about preventing new spoofing attacks on DMARC aligned identity. In
particular where previously this attack was not possible on forwarders that
honored the p=reject policy, now that they will downgrade to quarantine, it
On Sat, Aug 5, 2023 at 1:01 PM John Levine wrote:
> It appears that Tim Wicinski said:
> >A malicious sender needs two properties to perform such a SPF upgrade
> >attack:
> >
> >1) a receiver that will forward quarantined messages, and
>
> do so without changing the bounce address. Solutio
I am reluctant to consider DMARCbis ready to button-up unless we have at
least a rough idea of how an evaluator uses it safely and appropriately in
the real world.
Doug
On Sun, Aug 6, 2023, 2:38 PM Scott Kitterman wrote:
> On Sunday, August 6, 2023 2:10:35 PM EDT Hector Santos wrote:
> > > O
On Fri, Aug 4, 2023 at 2:11 PM Scott Kitterman wrote:
>
>
> On August 4, 2023 4:15:35 PM UTC, Wei Chuang 40google@dmarc.ietf.org> wrote:
> >I noted at the DMARC session -117, that with the p=reject downgrade to
> >quarantine language, this increases the risk of SPF upgrade attacks due to
> >
On Sunday, August 6, 2023 2:10:35 PM EDT Hector Santos wrote:
> > On Aug 5, 2023, at 5:37 PM, Scott Kitterman wrote:
> >
> > On Saturday, August 5, 2023 3:59:02 PM EDT John Levine wrote:
> >> It appears that Scott Kitterman said:
> When receivers apply the "MUST NOT reject" in Section 8.6
On Sun, Aug 6, 2023 at 8:50 AM Alessandro Vesely wrote:
> On Sun 06/Aug/2023 11:38:18 + Tim Wicinski wrote:
>
> > On Sun, Aug 6, 2023 at 7:14 AM Alessandro Vesely wrote:
> >> On Sat 05/Aug/2023 22:24:28 + Tim Wicinski wrote:
> >>>
> >>> [...]
> >>>
> >>> 5.3. General Record Format
> >>>
> On Aug 5, 2023, at 5:37 PM, Scott Kitterman wrote:
>
> On Saturday, August 5, 2023 3:59:02 PM EDT John Levine wrote:
>> It appears that Scott Kitterman said:
When receivers apply the "MUST NOT reject" in Section 8.6 to accept
unauthenticated messages as quarantined messages, recei
On Sun 06/Aug/2023 11:38:18 + Tim Wicinski wrote:
On Sun, Aug 6, 2023 at 7:14 AM Alessandro Vesely wrote:
On Sat 05/Aug/2023 22:24:28 + Tim Wicinski wrote:
[...]
5.3. General Record Format
auth: (comma-separated plain-text list of dmarc-methods; OPTIONAL;
default is "spf,dkim")
On August 6, 2023 11:02:04 AM UTC, Alessandro Vesely wrote:
>On Sat 05/Aug/2023 21:37:31 + Scott Kitterman wrote:
>> On Saturday, August 5, 2023 3:59:02 PM EDT John Levine wrote:
>>> It appears that Scott Kitterman said:
> When receivers apply the "MUST NOT reject" in Section 8.6 to a
On Sun, Aug 6, 2023 at 7:14 AM Alessandro Vesely wrote:
> On Sat 05/Aug/2023 22:24:28 + Tim Wicinski wrote:
> >
> > [...]
> >
> > 5.3. General Record Format
> >
> >
> > auth: (comma-separated plain-text list of dmarc-methods; OPTIONAL;
> default is "spf,dkim")
> >
> > Indicates the sup
On Sat 05/Aug/2023 22:24:28 + Tim Wicinski wrote:
[...]
5.3. General Record Format
auth: (comma-separated plain-text list of dmarc-methods; OPTIONAL; default is
"spf,dkim")
Indicates the supported authentication methods. The order of the list is
not significant and
unknown
On Sat 05/Aug/2023 21:37:31 + Scott Kitterman wrote:
On Saturday, August 5, 2023 3:59:02 PM EDT John Levine wrote:
It appears that Scott Kitterman said:
When receivers apply the "MUST NOT reject" in Section 8.6 to accept
unauthenticated messages as quarantined messages, receivers SHOULD
c
Count| Bytes | Who
++---
56 ( 100%) | 517888 ( 100%) | Total
7 (12.5%) | 51382 ( 9.9%) | Scott Kitterman
6 (10.7%) | 85255 (16.5%) | Tim Wicinski
6 (10.7%) | 37521 ( 7.2%) | Alessandro Vesely
5 ( 8.9%) | 37075 ( 7.2%) | Murray S. Kuch
15 matches
Mail list logo