On Wed, Apr 1, 2015 at 6:00 PM, Michael Jack Assels <
mjass...@encs.concordia.ca> wrote:

>
>    The case of a syntactically valid multi-valued RFC5322.From field
>    presents a particular challenge.  The process in this case is to
>    apply the DMARC check using each of those domains found in the
>    RFC5322.From field as the Author Domain and apply the most strict
>    policy selected among the checks that fail.
>
> (The word "fail" leaves me confused.  Shouldn't that be "pass"?)
>

DMARC's "p=" describes the action to take when the evaluation mechanism
fails.  There is no policy to apply (other than, I suppose, an implicit
"accept" action) when DMARC passes.


>
> At any rate, it seems to me that if DMARC would be satisfied by a Mediator
> making substantial modifications to my message, changing the RFC5322.From to
>
>    From: "Michael Jack Assels" <mjass...@porn-list.example.xxx>
>
> and signing appropriately, it ought to be similarly happy with
>
>    From: "Michael Jack Assels" <mjass...@encs.concordia.ca>,
>          "dmarc" <no-re...@ietf.org>
>    Sender: "dmarc" <dmarc-boun...@ietf.org>
>
> signed by IETF's sending MTA.  Assuming that the usual change is made to
> the Subject line and the usual trailer is appended to the message body,
> only the "ietf.org" identity ought to align with "the" RFC5322.From domain,
> and I can't see a reason why DMARC wouldn't be happy.  Yes, someone could
> have spoofed my address, but IETF's receiver will have had an opportunity
> to check that, so it's either IETF's fault for accepting the original message
> or my MTA's fault for not being DMARC compliant.
>
> In this case, the mailing list would be doing what's asked of it by DMARC,
> but keeping (most of) its time-honoured values intact.

This could work, except that if this yields favorable treatment by the
receiver, then that's all an attacker needs to do to get to your inbox
(i.e., double up the From: using an arbitrary domain name, and make sure
the message satisfies the DMARC test for the latter).

The exception to that is some expression, which the receiver can confirm,
that domain2 and domain1 have some kind of relationship that's interesting
to this process.

-MSK
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
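The following is an added illustration of the two evaluation rules discussed in this exchange; it is not code from the thread or from any DMARC implementation. It assumes a constructed table of published policies, treats alignment as an exact match between the Author Domain and an authenticated (SPF/DKIM) domain supplied by the caller, and uses made-up local parts in the sample header. The function `evaluate_multi_from` applies the quoted rule (check every RFC5322.From domain, apply the strictest policy among the failing checks), while `any_pass_accepts` models the weaker "any aligned domain is enough" rule that the reply warns about.

```python
from email.utils import getaddresses

# Constructed policy table standing in for DNS lookups of _dmarc.<domain> TXT records.
DMARC_POLICY = {
    "encs.concordia.ca": "reject",
    "ietf.org": "none",
}

# Ordering used to pick the "most strict" policy among failing checks.
STRICTNESS = {"none": 0, "quarantine": 1, "reject": 2}


def from_domains(from_header):
    """Return the domain of every mailbox in a (possibly multi-valued) RFC5322.From field."""
    domains = []
    for _display_name, addr in getaddresses([from_header]):
        if "@" in addr:
            domains.append(addr.rsplit("@", 1)[1].lower())
    return domains


def dmarc_passes(author_domain, authenticated_domains):
    """Simplified alignment: pass iff some SPF/DKIM-authenticated domain equals the Author Domain."""
    return author_domain in authenticated_domains


def evaluate_multi_from(from_header, authenticated_domains, policies=DMARC_POLICY):
    """Apply the DMARC check once per Author Domain.

    Returns "pass" when no check fails, otherwise the strictest published
    policy among the domains whose check failed. A domain with no published
    record contributes nothing: there is no DMARC policy to apply for it.
    """
    failing_policies = []
    for domain in from_domains(from_header):
        policy = policies.get(domain)
        if policy is None:
            continue
        if not dmarc_passes(domain, authenticated_domains):
            failing_policies.append(policy)
    if not failing_policies:
        return "pass"
    return max(failing_policies, key=lambda p: STRICTNESS[p])


def any_pass_accepts(from_header, authenticated_domains):
    """The weaker rule: accept if at least one From domain is aligned."""
    return any(dmarc_passes(d, authenticated_domains) for d in from_domains(from_header))


if __name__ == "__main__":
    # Constructed sample: the list's MTA signed the message, so only ietf.org is authenticated.
    header = '"Michael Jack Assels" <author@encs.concordia.ca>, "dmarc" <list@ietf.org>'
    print(evaluate_multi_from(header, {"ietf.org"}))   # reject
    print(any_pass_accepts(header, {"ietf.org"}))      # True
```

With the list's signature covering only `ietf.org`, the per-domain rule still applies `encs.concordia.ca`'s `reject`, whereas the "any pass" rule would accept the message on the strength of the second address alone, which is exactly the outcome the reply describes as all an attacker would need.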