Re: [dmarc-ietf] Binding Operational Directive 18-01 require agencies to implement STARTTLS, SPF and DMARC
I've notified GlobalCyberAlliance, they have contacts at DHS /Henrik Schack On Thu, Oct 19, 2017 at 12:19 AM, Rolf E. Sonneveld < r.e.sonnev...@sonnection.nl> wrote: > Hi, > > See https://cyber.dhs.gov/ > > DKIM is mentioned but not required, nor any negative side effects that the > use of DMARC can have. Has anyone from the IETF been consulted for this > directive? > > /rolf > > ___ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- Mvh/Best regards Henrik Schack ICQ: 889295 http://henrik.schack.dk/ http://links.schack.dk/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
it's nice to see how many respondents in this thread gave all sorts of advise to Henrik how to deal with a problem, which basically cannot solved by him because it is caused by some 3rd party (modifying the body of a mail for adv. purposes). I interpreted Henrik's mail as a followup to the thread that John Kelly started, titled 'Indirect mail flows'. In my view both John and Henrik tried to make (a start of) an inventory of all sorts of real-life situations that potentially can break DKIM signatures or more in general: cause DMARC failures for legitimate mail flows where sending DMARC policy is p=reject. That's right, that was my original intention. /Henrik ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
IMO, the place to record the inventory is the wiki. Mailing lists are not a good place to keep such records. I would love to add it to the Wiki, unfortunately the Wiki signup features seems to be broken, wont accept any of my email addresses. And the person responsible does not respond when asking for help. /Henrik ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
[dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider breaking DKIM signatures. They break DKIM signatures on incoming email by adding a Virus scanned by line to the body of the email. Not sure how to fix this, but perhaps some day they'll get tired of my bi-monthly calls and emails complaining about how they do things. -- Mvh/Best regards Henrik Schack http://henrik.schack.dk/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
In this case it's not a header, but a line added to the body of the email Br Henrik Schack On Sep 15, 2014 8:51 PM, Tomki dmarci...@tomki.com wrote: Henrik, I think that the fact of virus scanning is more commonly just another header in the message, which would not break a properly created DKIM-Signature. For example your message (via the list) got to me with extra headers such as: X-IronPort-AV, X-IronPort-AS Perhaps that example from another major scanning system would help. --Tomki On 9/15/14 10:39, Henrik Schack wrote: In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider breaking DKIM signatures. They break DKIM signatures on incoming email by adding a Virus scanned by line to the body of the email. Not sure how to fix this, but perhaps some day they'll get tired of my bi-monthly calls and emails complaining about how they do things. -- Mvh/Best regards Henrik Schack http://henrik.schack.dk/ ___ dmarc mailing listdmarc@ietf.orghttps://www.ietf.org/mailman/listinfo/dmarc ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] Indirect mail flows: DKIM signature breakage by cloud anti-virus/spam provider
No it's not at all a free service. But they advertise anyway :-( Br Henrik On Mon, Sep 15, 2014 at 9:28 PM, Franck Martin fmar...@linkedin.com wrote: On Sep 15, 2014, at 7:39 PM, Henrik Schack henrik.sch...@gmail.com wrote: In Denmark we have a somewhat large (10K+ domains) anti-virus/spam provider breaking DKIM signatures. They break DKIM signatures on incoming email by adding a Virus scanned by line to the body of the email. Not sure how to fix this, but perhaps some day they'll get tired of my bi-monthly calls and emails complaining about how they do things. Is this a free service that they have to advertise themselves in the body of the email? If you pay for the service, may be you don’t want to get any advertisement? ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc -- Mvh/Best regards Henrik Schack ICQ: 889295 http://henrik.schack.dk/ http://links.schack.dk/ ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc