Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread Al Iverson via dmarc-discuss
On Sun, Jun 8, 2014 at 12:22 AM, David Woodhouse via dmarc-discuss wrote: > Any bank *not* signing its direct-to-customer email should be prosecuted > as an accessory to fraud which it is enabling by actively training its > customers to succumb to phishing :) Since none of them do sign their mai

Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread Al Iverson via dmarc-discuss
On Sun, Jun 8, 2014 at 12:13 AM, Dave Crocker wrote: > On 6/8/2014 1:26 AM, Al Iverson via dmarc-discuss wrote: >> On Sat, Jun 7, 2014 at 12:44 PM, Dave Crocker via dmarc-discuss > >>> Keeping in mind that the mailing list scenario has always been >>> legitimate use, >> >> SMTP relay was a legitim

Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread Matt Simerson via dmarc-discuss
On Jun 8, 2014, at 8:50 AM, Al Iverson via dmarc-discuss wrote: > On Sun, Jun 8, 2014 at 12:13 AM, Dave Crocker wrote: >> Again, closing relays carried an entirely adequate alternative via port >> 587 for authorized users. No such equivalence is available when DMARC >> breaks mailing list use

Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread David Woodhouse via dmarc-discuss
On Sun, 2014-06-08 at 10:50 -0500, Al Iverson via dmarc-discuss wrote: > > > Again, closing relays carried an entirely adequate alternative via port > > 587 for authorized users. No such equivalence is available when DMARC > > breaks mailing list use. > > Not at first it didn't -- it looks like

Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread David Woodhouse via dmarc-discuss
On Sun, 2014-06-08 at 10:52 -0500, Al Iverson via dmarc-discuss wrote: > On Sun, Jun 8, 2014 at 12:22 AM, David Woodhouse via dmarc-discuss > wrote: > > > Any bank *not* signing its direct-to-customer email should be prosecuted > > as an accessory to fraud which it is enabling by actively trainin

Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread Larry Finch via dmarc-discuss
David, On your most recent message my Mac client says “Unable to verify message signature”. Clicking on “Show details” it says that the certificate is not valid, email address mismatch. Were you out to prove something? best regards, Larry On Jun 8, 2014, at 1:36 PM, David Woodhouse via dmarc

Re: [dmarc-discuss] MLM and Header-From rewritting - the SMTPopen-relay analogy

2014-06-08 Thread Steve Atkins via dmarc-discuss
On Jun 8, 2014, at 2:21 PM, Larry Finch via dmarc-discuss wrote: > David, > > On your most recent message my Mac client says “Unable to verify message > signature”. Clicking on “Show details” it says that the certificate is not > valid, email address mismatch. > > Were you out to prove some