Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread John Levine
It appears that Alessandro Vesely said: >> If you trust the mailing list signature, doesn't that also mean you trust >> the list to behave "well"? If that's true, then why do you need Author? > >I trust the list to not allow attacks featuring spoofed Author:. (Spoofed >From: are possible but

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread Dotzero
On Fri, Aug 12, 2022 at 12:28 PM John R Levine wrote: > On Fri, 12 Aug 2022, Alessandro Vesely wrote: > >> When Dave proposed the Author header, part of the idea was that DMARC > could > >> use it rather than From. > > > > IIRC that was the Sender: field. > > No, DMARC decided not to use Sender

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread John R Levine
On Fri, 12 Aug 2022, Alessandro Vesely wrote: When Dave proposed the Author header, part of the idea was that DMARC could use it rather than From. IIRC that was the Sender: field. No, DMARC decided not to use Sender back when DMARC was new. Dave suggested using Author to work around the

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread Alessandro Vesely
On Thu 11/Aug/2022 18:26:38 +0200 Murray S. Kucherawy wrote: A domain owner can know, for instance, that it only sends transactional messages that have no purpose to ever go to a mailing list.  Such an operator can safely set "p=reject" because the risk of the collateral damage about which

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread Alessandro Vesely
On Thu 11/Aug/2022 19:47:17 +0200 John R Levine wrote: On Thu, 11 Aug 2022, Murray S. Kucherawy wrote: It only works if all or most lists add Author (none do today, and it would take a long time to get this rolled out if they started), and no other software co-opts and mutates it for whatever

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread Alessandro Vesely
On Fri 12/Aug/2022 08:46:45 +0200 Murray S. Kucherawy wrote: On Thu, Aug 11, 2022 at 3:16 AM Alessandro Vesely wrote: That's the /complicated/ de-munging strategy. The much simpler approach I described upthread would work 100% of cases for lists that add the Author: field. It is a little

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-12 Thread Murray S. Kucherawy
On Thu, Aug 11, 2022 at 3:16 AM Alessandro Vesely wrote: > That's the /complicated/ de-munging strategy. The much simpler approach I > described upthread would work 100% of cases for lists that add the Author: > field. It is a little less secure, as you need to trust the mailing list >

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Douglas Foster
I am not proposing a list. I said that the contents of the list are local policy. But the examples that I gave are examples that must be handled by anyone who attempts to implement DMARC. By failing to discuss them, we leave each new system administrator to discover the problems on his own.

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread John R Levine
On Thu, 11 Aug 2022, Murray S. Kucherawy wrote: It only works if all or most lists add Author (none do today, and it would take a long time to get this rolled out if they started), and no other software co-opts and mutates it for whatever reason. Those are big enough conditions that I'm a bit

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Murray S. Kucherawy
On Thu, Aug 11, 2022 at 6:25 AM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > The solution is within the evaluators control, which eliminates the > dubious strategy of waiting for everyone else to behave the way the > evaluator or MLM thinks they should. > > But there has been a

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Murray S. Kucherawy
On Thu, Aug 11, 2022 at 4:50 AM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > You say we need to preach at domain owners to lower defenses on 100% of > their mail because one or more unthinking evaluators may do something > foolish with a small percentage of their mail. > > I say

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Douglas Foster
Ale's approach has the best fit with our current reality. Lists continue to mung everything, because they cannot or will not mung conditionally, and this ensures that nothing is blocked by P=reject. Participating lists also supply an author field to simplify un-munging, and probably a DKIM

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Douglas Foster
No, I am not saying that we need to develop a tool to detect the difficult cases. You say we need to preach at domain owners to lower defenses on 100% of their mail because one or more unthinking evaluators may do something foolish with a small percentage of their mail. I say that we need to

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Alessandro Vesely
On Wed 10/Aug/2022 15:02:39 +0200 Barry Leiba wrote: This list saves From: in X-Original-From:. It'd cost nothing to switch to Author: instead. The arc list, however, saves it by appending to Reply-To:. The point is to agree on a field name. Author: seems the most promising one. Now,

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Alessandro Vesely
On Thu 11/Aug/2022 06:28:53 +0200 Murray S. Kucherawy wrote: On Wed, Aug 10, 2022 at 10:44 AM Douglas Foster wrote: Telling domain owners not to use p=reject is not the solution; the real solution is for evaluators to act wisely, and to review other available evidence carefully. Our document

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-11 Thread Alessandro Vesely
On Wed 10/Aug/2022 16:52:53 +0200 John R Levine wrote: On Wed, 10 Aug 2022, Barry Leiba wrote: Yeh, I have to take serious issue with this: It's not a "tantrum" to say that it's not reasonable to require all mailing list software and every mailing list in the world to change what's worked for

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Murray S. Kucherawy
On Wed, Aug 10, 2022 at 10:44 AM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > "Breaking long-standing practice" is not the fault of the domain owner > policy, it is the fault of DMARC being oversold and the DMARC result being > applied by the evaluator in a way that undermines

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Douglas Foster
Your expectations are very different from mine. 1) MLMs have a relationship with their subscribers, and could collect data for conditional munging, if they chose to do so and their software provided the necessary capability. 2) I don't see how "wide deployment" can ever be determined without a

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Douglas Foster
"Breaking long-standing practice" is not the fault of the domain owner policy, it is the fault of DMARC being oversold and the DMARC result being applied by the evaluator in a way that undermines the interest of his own recipients. Consider the possible causes of DMARC FAIL: Failures that can be

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Barry Leiba
Indeed, a problem with munging, or with any other workaround that mailing-list software might do, is that the problem happens at subscribers' domains, not at the mailing-list domain, and the mailing list software has no idea what's going to happen on the subscriber's side. It can only see that

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread John R Levine
On Wed, 10 Aug 2022, Barry Leiba wrote: Yeh, I have to take serious issue with this: It's not a "tantrum" to say that it's not reasonable to require all mailing list software and every mailing list in the world to change what's worked for decades in order to work around a problem caused by use

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Douglas Foster
To avoid munging, MLMs have a double problem: (1) the evaluator must find an alternative to DMARC for concluding that the message is "not untrusted", and (2) the MLM must know that this trust has been granted. If (2) is known for some recipients but not others, the MLM must be able to make

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Barry Leiba
> This list saves From: in X-Original-From:. It'd cost nothing to switch to > Author: instead. The arc list, however, saves it by appending to Reply-To:. > The point is to agree on a field name. Author: seems the most promising one. > > Now, everybody complains about how From: munging ruined

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Alessandro Vesely
On Wed 10/Aug/2022 06:39:47 +0200 Scott Kitterman wrote: ARC's added value is only meaningful for receivers whose reputation system is so sophisticated that that info matters. That is, for global mailbox providers. The only point I would add is that "reputation system is so sophisticated

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-10 Thread Alessandro Vesely
On Wed 10/Aug/2022 06:14:04 +0200 Murray S. Kucherawy wrote: On Tue, Aug 9, 2022 at 2:01 AM Alessandro Vesely wrote: Because there are more ways for a forwarder to change a message than you or I can describe. That critique applies to my draft, not to unmunging in general. The only change we

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-09 Thread Scott Kitterman
On Tuesday, August 9, 2022 12:45:34 PM EDT John R Levine wrote: > > Not quite. Lists are already screwed up, AFAICS. > > Right. Lists were fine until DMARC screwed them up. > > >> Because there are more ways for a forwarder to change a message than you > >> or > >> I can describe. > > > >

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-09 Thread Murray S. Kucherawy
On Tue, Aug 9, 2022 at 2:01 AM Alessandro Vesely wrote: > > Because there are more ways for a forwarder to change a message than you > or > > I can describe. > > That critique applies to my draft, not to unmunging in general. The only > change we care about here is the From: field. While there

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-09 Thread John R Levine
Not quite. Lists are already screwed up, AFAICS. Right. Lists were fine until DMARC screwed them up. Because there are more ways for a forwarder to change a message than you or I can describe. That critique applies to my draft, not to unmunging in general. The only change we care about

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-09 Thread Alessandro Vesely
On Mon 08/Aug/2022 14:45:25 +0200 John Levine wrote: Actually, small receivers can simply trust selected, DMARC-aligned mailing lists and restore the original From: in the cases where MLM saved it (w/o ARC).  This kind of hack could be set up really quick. > Please please can we stop doing

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-08 Thread John R Levine
Actually, small receivers can simply trust selected, DMARC-aligned mailing lists and restore the original From: in the cases where MLM saved it (w/o ARC). This kind of hack could be set up really quick. > Please please can we stop doing this.  Trying to unmunge rewritten From: headers is

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-08 Thread Alessandro Vesely
On Mon 08/Aug/2022 00:40:47 +0200 John Levine wrote: On Sun, 7 Aug 2022, Alessandro Vesely wrote: Actually, small receivers can simply trust selected, DMARC-aligned mailing lists and restore the original From: in the cases where MLM saved it (w/o ARC). This kind of hack could be set up

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-08 Thread Laura Atkins
> On 8 Aug 2022, at 05:10, Murray S. Kucherawy wrote: > > On Sun, Aug 7, 2022 at 4:07 PM Douglas Foster > > wrote: > Evaluators need to use much more sophistication, when applying DMARC, than > simply applying the formula and doing whatever the

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-07 Thread Murray S. Kucherawy
On Sun, Aug 7, 2022 at 4:07 PM Douglas Foster < dougfoster.emailstanda...@gmail.com> wrote: > Evaluators need to use much more sophistication, when applying DMARC, than > simply applying the formula and doing whatever the policy suggests. > I think that's common practice. The people on this

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-07 Thread Dotzero
On Sun, Aug 7, 2022 at 6:41 PM John R Levine wrote: > Moving this back to the main list: > > I said: > Even if I agreed that it would be a good idea for every mailing list in the > world to rewrite From lines so it's harder to tell who the messages are > from and > you can't reply reliably,

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-07 Thread Douglas Foster
Yes. Evaluators need to use much more sophistication, when applying DMARC, than simply applying the formula and doing whatever the policy suggests. Developers need to provide exception mechanisms which permit that complexity to be implemented as local policy. This means we need language to

Re: [dmarc-ietf] Girl Scout troops vs MLM problems (#70)

2022-08-07 Thread John R Levine
Moving this back to the main list: I said: Even if I agreed that it would be a good idea for every mailing list in the world to rewrite From lines so it's harder to tell who the messages are from and you can't reply reliably, there's no way that would survive last call. Remember that a few large