Re: [dmarc-ietf] Weaker single author signature

2015-05-22 Thread Stephen J. Turnbull
John R Levine writes: > If you can't use a spamming system to send a million messages a day > and expect a fair number of them to be delivered, it's not > interesting. Like I keep saying, while you can imagine > hypothetical spam scenarios, it's hard to think of one that would > be effective

Re: [dmarc-ietf] Weaker single author signature

2015-05-22 Thread John R Levine
> For this to work, you somehow need to persuade the real system to send > you a signed message from the address you're planning to abuse. That > seems like an implausible amount of work. I agree it sounds like a lot of work. But I don't see why you would bother attacking the resigning system a

Re: [dmarc-ietf] Weaker single author signature

2015-05-22 Thread Stephen J. Turnbull
John Levine writes: > For this to work, you somehow need to persuade the real system to send > you a signed message from the address you're planning to abuse. That > seems like an implausible amount of work. I agree it sounds like a lot of work. But I don't see why you would bother attacking

Re: [dmarc-ietf] Weaker single author signature

2015-05-22 Thread John Levine
> > With double signing, you have the ability to distinguish between plain > > old spammers, and spammers who are screwing around with forwarded > > mail. I think that's a useful difference, since it is my impression > > that the set of malicious mutating forwarders is pretty small because > > it'

Re: [dmarc-ietf] Weaker single author signature

2015-05-22 Thread Hector Santos
On 5/21/2015 5:00 PM, John Levine wrote: With double signing, you have the ability to distinguish between plain old spammers, and spammers who are screwing around with forwarded mail. That doesn't stop it from happening and targeting users that don't have the ability, capability installed, ha

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Stephen J. Turnbull
Murray S. Kucherawy writes: > All of those options for any at-scale operator seem uncomfortable to me. > The most obvious advantages to me of this method over ATPS, TPA, and that > family of proposals are that (1) there's no additional DNS check required > because the third party endorsement i

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Stephen J. Turnbull
John Levine writes: > With double signing, you have the ability to distinguish between plain > old spammers, and spammers who are screwing around with forwarded > mail. I think that's a useful difference, since it is my impression > that the set of malicious mutating forwarders is pretty smal

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread John Levine
>On the inbound, I’m not sure whether or not we’d verify the DKIM v2 *or* >simply suppress the DMARC check and apply all of our other antispam filtering, >and update the MLM’s reputation accordingly. Well, gee, you can do that now. We hope you do, since that will also enable list mail from people

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Douglas Otis
Dear Murray, See comments inline: On 5/21/15 8:24 AM, Murray S. Kucherawy wrote: On Wed, May 20, 2015 at 10:32 AM, Terry Zink > wrote: A weak single signature makes it more vulnerable to a replay attack. With two signatures, the MTA --> MLM is

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Murray S. Kucherawy
On Thu, May 21, 2015 at 10:56 AM, Murray S. Kucherawy wrote: > > At Facebook there are no longer any email-enabled mailbox services, so > it's not among the more interesting of the big cases except for the scale > it handles. In terms of email it's just a forwarding service now. So > inbound, i

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Murray S. Kucherawy
On Thu, May 21, 2015 at 10:27 AM, Terry Zink wrote: > > Not sure how other big mailers would do it, but I would think it would be > similar (especially Gmail). > > > At Facebook there are no longer any email-enabled mailbox services, so it's not among the more interesting of the big cases except

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread John R Levine
My understanding is that the bad guys were stealing Yahoo address book information and then mailing from OUTSIDE Yahoo to the recipients (not Yahoo) claiming to be from the Yahoo user that they stole the address book info from - thus the p=reject shutting the problem down almost immediately for

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Terry Zink
> You could do it only if some local secret sauce determines that the intended > recipient is an MLM... Then again, if the at-scale operators that are home to > most of the problem (we meet again, Mr. Pareto) are comfortable with using > whatever homegrown heuristics they use now with the commensur

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread MH Michael Hammer (5304)
> -Original Message- > From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of John Levine > Sent: Thursday, May 21, 2015 1:11 PM > To: dmarc@ietf.org > Cc: superu...@gmail.com > Subject: Re: [dmarc-ietf] Weaker single author signature > > >> The

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread John Levine
>> The double signing hack limits the opportunity for trouble to mail >> systems that have a recent real message in hand. While I can >> certainly imagine spammy scenarios, it's hard to imagine ones that >> wouldn't be fairly easy to detect and shut down. ... >True, the damage is limited to the l

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Murray S. Kucherawy
On Wed, May 20, 2015 at 10:32 AM, Terry Zink wrote: > A weak single signature makes it more vulnerable to a replay attack. With > two signatures, the MTA --> MLM is protected (which is important) and the > MLM --> MTA is also protected although there is a time window of > vulnerability. However,

Re: [dmarc-ietf] Weaker single author signature

2015-05-21 Thread Hector Santos
On 5/20/2015 1:32 PM, Terry Zink wrote: If this hack essentially weakens a DKIM signed message so that it can survive the transport, the MLM changes and the final destination. then why not just do create this weakness with just one original v1 signature using the i= (AUID) to pass the resigner in

Re: [dmarc-ietf] Weaker single author signature

2015-05-20 Thread Douglas Otis
On 5/20/15 1:12 PM, Terry Zink wrote: > Hi, Doug, > >> > By having the Sender header field present, MUAs are able to >> > make this apparent to recipients and reduce someone's need >> > to search for often legitimate messages in spam folders. > I'm not sure why you keep bringing up the Sender: fi

Re: [dmarc-ietf] Weaker single author signature

2015-05-20 Thread Terry Zink
's email inbox. That is, " on behalf of ." Here it makes sense. But I think outside of a corporate environment, it's confusing. -- Terry -Original Message- From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Douglas Otis Sent: Wednesday, May 20, 2015 12:15 PM To: dm

Re: [dmarc-ietf] Weaker single author signature

2015-05-20 Thread Douglas Otis
On 5/20/15 10:32 AM, Terry Zink wrote: >> If this hack essentially weakens a DKIM signed message so that it can >> survive the transport, the MLM changes and the final destination. then >> why not just do create this weakness with just one original v1 >> signature using the i= (AUID) to pass t

Re: [dmarc-ietf] Weaker single author signature

2015-05-20 Thread Terry Zink
Terry -Original Message- From: dmarc [mailto:dmarc-boun...@ietf.org] On Behalf Of Hector Santos Sent: Wednesday, May 20, 2015 4:53 AM To: dmarc@ietf.org Subject: [dmarc-ietf] Weaker single author signature With two sigs, all I can see is that the first leg of the transport is stronger PATH:

[dmarc-ietf] Weaker single author signature

2015-05-20 Thread Hector Santos
With two sigs, all I can see is that the first leg of the transport is stronger PATH: MTA > MLM strong 1st party v1 signature PATH: MLM o---> MTA weak 1st party v2 signature If this hack essentially weakens a DKIM signed message so that it can survive the transport, the MLM changes