> On Dec 5, 2017, at 2:23 PM, Grant Taylor wrote:
>
> What's worse, no security, or bad / false security?
That's DMARC's motto.
Cheers,
Steve
___
NOTE WELL: This list operates according to
> On Dec 5, 2017, at 1:36 PM, Dave Crocker <dcroc...@bbiw.net> wrote:
>
> On 12/5/2017 1:33 PM, Steve Atkins wrote:
>> It's a DMARC issue rather than a DKIM one.
>
>
> How is it a DMARC issue?
From: {spoo-that-expands-to bill...@paypal.com\0}@badpeople.ru w
> On Dec 5, 2017, at 1:24 PM, Pawel Lesnikowski
> wrote:
>
> Hi All,
>
> I'm not sure if you noticed but it seems many client are affected by
> 'mailsploit':
> https://www.mailsploit.com/index
>
> Basically the attacker uses special characters inside encoded words
I thought this might be of interest to DKIM implementers.
> Begin forwarded message:
>
> From: Laura Atkins
>
> A company called TrueMail is suing the above 3 companies claiming DKIM is an
> infringement of 3 patents they own.
>
> Docs are up:
>
>
On Jan 27, 2015, at 8:43 AM, A. Schulze s...@andreasschulze.de wrote:
Hello everybody,
Murray encourage me to ask here:
https://tools.ietf.org/html/rfc6376#section-3.3.3 say
Signers MUST use RSA keys of at least 1024 bits for long-lived keys.
and
Verifiers MUST be able to
On Jan 27, 2015, at 11:24 AM, A. Schulze s...@andreasschulze.de wrote:
Steve Atkins:
From operational perspective I experience no drawback using 4k RSA
keys for DKIM.
How do you know?
Not for sure. There was a feature to request reports in opendkim. Some people
used that and I got
On Jul 7, 2011, at 3:21 PM, John Levine wrote:
Will your assume one more From than listed in h= lead to failed
verifications on messages that actually follow the advice in the RFC
to list duplicate headers in their h= values?
The RFC also says you shouldn't sign messages that aren't RFC
On Jul 2, 2011, at 9:08 PM, Murray S. Kucherawy wrote:
We have a week. Murray will be posting the update (-14) very soon.
Please review and comment by 11 July.
The update has been posted. For your convenience:
http://datatracker.ietf.org/doc/draft-ietf-dkim-rfc4871bis/
You can also
On Jun 24, 2011, at 10:33 AM, Douglas Otis wrote:
Complaints from John, Dave, and Barry and others is likely and
understandably out of fatigue. They just want the process to be over.
We are now hearing there is a vital protocol layering principle at stake
which even precludes DKIM
On Jun 24, 2011, at 4:04 PM, Douglas Otis wrote:
On 6/24/11 2:43 PM, Steve Atkins wrote:
Your current argument is of the form:
Doug: X is bad, and could theoretically lead to end-user confusion in
one particular obscure replay scenario, given a carefully chosen set of
assumptions
On May 30, 2011, at 3:23 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Monday, May 30, 2011 9:14 AM
To: DKIM List
Subject: Re: [ietf-dkim] New canonicalizations
On May 29, 2011, at 9:04 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Alessandro Vesely
Sent: Saturday, May 28, 2011 9:29 AM
To: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] New
On May 26, 2011, at 12:02 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of John R. Levine
Sent: Thursday, May 26, 2011 6:40 AM
To: Ian Eiloart
Cc: DKIM List
Subject: Re: [ietf-dkim] DKIM
On May 26, 2011, at 1:13 PM, Franck Martin wrote:
On 5/26/11 12:21 , Steve Atkins st...@wordtothewise.com wrote:
In my experience with traditional discussion MLMs (which is the situation
we're talking about) if I trust the MLM, I generally don't care about who
the participants
On May 26, 2011, at 1:50 PM, Hector Santos wrote:
Steve Atkins wrote:
In my experience with traditional discussion MLMs (which is the situation
we're talking about) if I trust the MLM, I generally don't care about
who the participants are.
If by traditional, you mean the members
On May 26, 2011, at 2:53 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Thursday, May 26, 2011 2:10 PM
To: DKIM List
Subject: Re: [ietf-dkim] MLMs and signatures again
On May 26, 2011, at 3:24 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Thursday, May 26, 2011 3:20 PM
To: DKIM List
Subject: Re: [ietf-dkim] MLMs and signatures again
On May 24, 2011, at 3:55 AM, Ian Eiloart wrote:
On 23 May 2011, at 23:10, Franck Martin wrote:
There is an interesting post today on
http://chilli.nosignal.org/mailman/listinfo/mailop about exim and 8bit
It seems they will stop to downgrade.
Exim doesn't downgrade. It doesn't
On May 9, 2011, at 7:56 AM, Dave CROCKER wrote:
On 5/9/2011 7:40 AM, MH Michael Hammer (5304) wrote:
I'd like to request that we specifically test for consensus on
deprecating l= through the usual +1/-1 approach. No miring, just a
vote.
This isn't my vote, but a comment:
Oddly,
On May 6, 2011, at 12:09 PM, John R. Levine wrote:
this, but I need to get a clear view of consensus. Doug agrees with
Hector's note, below, and Dave and Murray do not. I'd like to hear
from others within the next few days, about whether you think we
should make the change Hector requests
On Apr 7, 2011, at 5:05 AM, Charles Lindsey wrote:
On Wed, 06 Apr 2011 21:18:11 +0100, Steve Atkins st...@wordtothewise.com
wrote:
The only safe way to add proprietary gunk into the dkim-signature
header is to add it to the IANA DKIM-Signature tag registry
(how does that happen
On Apr 7, 2011, at 5:13 AM, Charles Lindsey wrote:
On Wed, 06 Apr 2011 17:29:49 +0100, Steve Atkins st...@wordtothewise.com
wrote:
As a concrete example, if I wanted to include the authenticated
age of each email sender (something the gambling industry might
be interested in) then I can
On Apr 6, 2011, at 4:10 AM, Charles Lindsey wrote:
On Tue, 05 Apr 2011 11:33:10 +0100, Rolf E. Sonneveld
r.e.sonnev...@sonnection.nl wrote:
Ad 2. To give some examples of use profiles:
* of course, the first thing that comes to mind is to use DKIM as
mechanism to build
On Apr 6, 2011, at 9:07 AM, Michael Thomas wrote:
On 04/06/2011 08:48 AM, Steve Atkins wrote:
That sounds like a fragile way to extend things - leave a little used feature
around and hope someone who wants something new hijacks that
field in a non-conflicting way instead. (Which may
On Apr 6, 2011, at 11:05 AM, Michael Thomas wrote:
On 04/06/2011 10:53 AM, Murray S. Kucherawy wrote:
Having cross semantic correlation of what headers mean with the
presence of dkim signatures from various different signers seems
like a lot more of layer violation to me.
That a DKIM
On Apr 6, 2011, at 12:52 PM, Michael Thomas wrote:
On 04/06/2011 12:34 PM, Steve Atkins wrote:
On Apr 6, 2011, at 11:05 AM, Michael Thomas wrote:
\
The alternative would be very squirrelly when you think
of the general case of multiple signers in the path.
The approach I suggest
On Apr 4, 2011, at 1:21 PM, Franck Martin wrote:
I think you are thinking it as only a DNS issue.
But creating a sub-domain, means that the from needs to match too, therefore
you may need to remap all your corporate email addresses from j...@iecc.com
to j...@corp.ieec.com to separate
On Apr 3, 2011, at 9:45 AM, Murray S. Kucherawy wrote:
I think when it's clear there's no more progress that can be made, you close
down and move on. You can always start up a WG later when there's a chance
for better progress or new work to be done.
Also, having the workgroup still open
On Jan 13, 2011, at 2:41 AM, Charles Lindsey wrote:
On Wed, 12 Jan 2011 17:10:52 -, Dave CROCKER d...@dcrocker.net wrote:
This raise a specific and interesting technical point. I haven't seen a
response so far, so...
The core of this technology has keys that are named and accessed
On Oct 26, 2010, at 1:49 AM, Hector Santos wrote:
I will not pretend to know (nor really care) what it will take to get
over this documentation dilemma but I will provide my comments here:
Murray S. Kucherawy wrote:
8.14 Malformed Inputs
DKIM allows additional header fields to be
On Oct 25, 2010, at 9:58 PM, Murray S. Kucherawy wrote:
8.14 Malformed Inputs
DKIM allows additional header fields to be added to a signed message without
breaking the signature. This tolerance can be abused, e.g. in a replay
attack, by adding additional instances of header fields that
On Oct 24, 2010, at 10:50 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Sunday, October 24, 2010 10:36 PM
To: IETF DKIM WG
Subject: Re: [ietf-dkim] Proposal for new
On Oct 25, 2010, at 8:11 AM, John R. Levine wrote:
hangText=NOTE: The use of wildcard TXT records in the
DNS will produce a response to a DKIM query that is
unlikely to be valid DKIM key record. This problem
applies to many other types of queries, and client
software that
On Oct 25, 2010, at 8:07 AM, John R. Levine wrote:
The one that stands out is multipart/signed (from RFC1847) which drops to
about a 65% survival rate. I don't know much about how this is typically
formatted or treated enroute, but it was easily the biggest outlier in the
report. Not
On Oct 25, 2010, at 12:19 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Monday, October 25, 2010 9:56 AM
To: IETF DKIM WG
Subject: Re: [ietf-dkim] Proposal for new text
On Oct 25, 2010, at 1:58 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Monday, October 25, 2010 12:54 PM
To: IETF DKIM WG
Subject: Re: [ietf-dkim] Proposal for new text
On Oct 25, 2010, at 5:48 PM, John R. Levine wrote:
Isn't the more interesting attack a signature from some throwaway domain
that covered a matching From: but also contained a From: indicating some
high-value phish target?
Not really, no. Signing the From: field means nothing other than
On Oct 24, 2010, at 9:05 PM, Murray S. Kucherawy wrote:
Here’s my proposal for a section in Security Considerations to talk about the
malformation issues that have been discussed on the list. This is an
addition to -02 directly and does not continue from any of the other
proposals.
I
On Oct 24, 2010, at 9:55 PM, Mark Delany wrote:
The universe of email is replete with software that forgives
messages which do not conform strictly to the grammar that defines
what valid email looks like. This is a long-standing practice known
informally as the robustness principle,
On Oct 24, 2010, at 10:15 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Sunday, October 24, 2010 9:54 PM
To: IETF DKIM WG
Subject: Re: [ietf-dkim] Proposal for new text
On Oct 22, 2010, at 8:28 AM, Barry Leiba wrote:
1. How to handle a key record with empty g= and absent v= (section
6.1.2, list item 6).
Proposed change: Remove g= altogether, along with all references to
it. Surveys of what's out there show vanishingly few cases that use
g= with any value
On Oct 21, 2010, at 9:53 AM, Murray S. Kucherawy wrote:
Take a tour through the eleven parts of Section 7 of RFC5451, and then
Appendices A and C. They provide all kinds of warnings about misinterpreting
the data provided, which amounts to pretty firm implementation advice, and
On Oct 20, 2010, at 3:19 PM, Murray S. Kucherawy wrote:
Validating mail syntax belongs in the specification for the mail
components and DKIM work belongs in the DKIM components.
That's why, layer violation or no, I think it's important to distinguish
between format errors that are likely
On Oct 20, 2010, at 6:08 PM, Scott Kitterman wrote:
Michael Thomas m...@mtcc.com wrote:
On 10/20/2010 04:36 PM, Steve Atkins wrote:
On Oct 20, 2010, at 3:19 PM, Murray S. Kucherawy wrote:
Validating mail syntax belongs in the specification for the mail
components and DKIM work
On Oct 18, 2010, at 5:50 PM, John Levine wrote:
difference between a green bar SSL page and one with no SSL. I don't want
to mess with the MUA at all, but rather use DKIM to help decide what
messages to show her and which messages to consign to the junk folder.
Why do we think such a
On Oct 15, 2010, at 9:50 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Charles Lindsey
Sent: Friday, October 15, 2010 7:30 AM
To: DKIM
Subject: Re: [ietf-dkim] detecting header mutations
On Oct 15, 2010, at 10:58 AM, Barry Leiba wrote:
On Fri, Oct 15, 2010 at 1:27 PM, Hector Santos hsan...@isdg.net wrote:
Murray S. Kucherawy wrote:
I appreciate the desire to put more information in there to help, but
we really can't be writing a tutorial on managing DNS records.
+1.
On Oct 15, 2010, at 1:51 PM, MH Michael Hammer (5304) wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of bill.ox...@cox.com
Sent: Friday, October 15, 2010 11:59 AM
To: dcroc...@bbiw.net
Cc: ietf-dkim@mipassoc.org
On Oct 15, 2010, at 7:13 PM, John Levine wrote:
In this case, we've gone to some lengths to make the environment
pure, by using the underscore branch. And then along come these
pesky wildcards.
Even without wildcards, there's been a variety of broken key records.
I would hope it would
On Oct 15, 2010, at 7:56 PM, Hector Santos wrote:
Steve Atkins wrote:
I'd think it'd be approximately the same as if the private
signing key (the only other mandatory input I can think of at the
moment) wasn't present.
If it fails, it's broken, I think. There's nothing special about
On Oct 14, 2010, at 4:44 PM, John R. Levine wrote:
if for nothing else to ensure that some future DKIM++ doesn't
inadvertently reuse g= to mean something else.
Isn't that what the IANA registry is there to prevent?
I dunno. What does IANA do in cases like these?
On Oct 13, 2010, at 8:07 AM, Rolf E. Sonneveld wrote:
or
a special selector (e.g. s=notifications), to identify the different
nature of this mail stream?
No. Never do this.
Selectors are an operational convenience for key rotation and
ease of domain delegation. They have no semantics
On Oct 13, 2010, at 1:59 PM, Mark Delany wrote:
It strikes me that a DKIM verifier is already well into the business
of 2822 semantics as it knows about headers, header labels,
continuation syntax, header/body boundaries and so on.
In that light, taking an additional step wrt duplicate
Anyone recognize 550 5.7.0 bad DKIM signature data?
A couple of folks just got bounced off a mailing list due to their MTAs doing
that in response to some mail I sent, so I'm interested in what software might
do that.
Cheers,
Steve
___
NOTE WELL:
On Oct 6, 2010, at 1:47 AM, Mark Delany wrote:
That this is not in 4871 seems to be mostly a WG assumption that
should be made explicit.
I think several of us thought it was in there, but on review it apparently
was indeed lost somewhere along the way. We've certainly, as I understand
On Oct 6, 2010, at 3:01 PM, Scott Kitterman wrote:
Dave CROCKER d...@dcrocker.net wrote:
On 10/6/2010 8:00 AM, Steve Atkins wrote:
It also changes what DKIM means,
...
Either the message has a valid DKIM signature, or it does not. If the
signature is valid, then the signing
On Oct 1, 2010, at 8:11 AM, Jeff Macdonald wrote:
On Fri, Oct 1, 2010 at 2:48 AM, Murray S. Kucherawy m...@cloudmark.com
wrote:
The results in Section 4.1.2 mention Author vs. Third-Party. That
is more about ADSP than DKIM.
True. It should probably come out.
It could mean that or
On Sep 30, 2010, at 4:05 AM, Charles Lindsey wrote:
On Wed, 29 Sep 2010 18:52:01 +0100, John Levine jo...@iecc.com wrote:
This might be a good time to remind people that MLMs in their
current form are not broken, and any proposal that requires them to
stop doing something that they're
On Sep 28, 2010, at 5:10 AM, Graham Murray wrote:
Ian Eiloart i...@sussex.ac.uk writes:
Oh, but I already know that my MLM is going to break any message with a
signed body. UK law practically mandates the addition of unsubscription
information in a message footer. We certainly require it
On Sep 28, 2010, at 11:34 AM, J.D. Falk wrote:
On Sep 24, 2010, at 11:05 AM, John Levine wrote:
Do concepts generalize enough to allow issuing
draft-ietf-dkim-mailinglists also for these authoring MLMs?
No. All of the complications in mailing lists arise from the fact
that the author
On Sep 16, 2010, at 8:32 AM, Jeff Macdonald wrote:
On Thu, Sep 16, 2010 at 10:31 AM, MH Michael Hammer (5304) mham...@ag.com
There was a (hard won) consensus that a signature by
the owner/admin of a domain carries more weight than the signature of a
3rd party because the owner/admin of the
On Sep 16, 2010, at 10:24 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Jeff Macdonald
Sent: Thursday, September 16, 2010 8:32 AM
To: DKIM List
Subject: Re: [ietf-dkim] Who signs what
On Sep 16, 2010, at 10:52 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Steve Atkins
Sent: Thursday, September 16, 2010 10:39 AM
To: DKIM List
Subject: Re: [ietf-dkim] Who signs what
On Sep 16, 2010, at 11:18 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-boun...@mipassoc.org]
On Behalf Of Steve Atkins
Sent: Thursday, September 16, 2010 11:08 AM
To: DKIM List
Subject: Re: [ietf-dkim] Who signs what
On Sep 15, 2010, at 8:30 AM, McDowell, Brett wrote:
On Sep 15, 2010, at 11:02 AM, Jeff Macdonald wrote:
On Wed, Sep 15, 2010 at 10:43 AM, McDowell, Brett
bmcdow...@paypal-inc.com wrote:
On Sep 15, 2010, at 12:11 AM, Murray S. Kucherawy wrote:
Based on that (rather precise)
On Sep 14, 2010, at 12:35 PM, J.D. Falk wrote:
...but not for the reasons the anti-ADSP folks keep bringing up.
DKIM is failing because every discussion about actually /using/ DKIM
inevitably gets stuck in the same old argument about ADSP. Doesn't even
matter what the argument is about
On Sep 10, 2010, at 11:27 AM, Charles Lindsey wrote:
On Fri, 03 Sep 2010 15:15:37 +0100, Hector Santos hsan...@isdg.net wrote:
I think you need to better appreciate and understand how fundamental
the Message From field for any forms of communications and/or mail
networks is. It would be a
On Sep 10, 2010, at 2:31 PM, Scott Kitterman wrote:
On Friday, September 10, 2010 03:17:47 pm Steve Atkins wrote:
On Sep 10, 2010, at 11:27 AM, Charles Lindsey wrote:
On Fri, 03 Sep 2010 15:15:37 +0100, Hector Santos hsan...@isdg.net
wrote:
I think you need to better appreciate
On Sep 10, 2010, at 3:46 PM, Scott Kitterman wrote:
On Friday, September 10, 2010 06:37:46 pm Steve Atkins wrote:
On Sep 10, 2010, at 2:31 PM, Scott Kitterman wrote:
I don't think it inoculates them against ADSP problems - rather
it opens them up to violations of the security model
On Sep 9, 2010, at 11:12 AM, McDowell, Brett wrote:
On Sep 4, 2010, at 9:31 PM, Steve Atkins wrote:
The whole point of rotating keys is so that loss of an old private key
isn't a risk. Given that, I think that even if you're fairly sure that a key
pair hasn't been compromised then you
On Sep 9, 2010, at 9:57 AM, Mark Martinec wrote:
Mark Delany wrote:
I believe the general thrust is that DKIM keys are ephemeral
so no one should rely on there long-term presence. [...]
With each key there is an associated selector:domain pair,
so with a key rotation comes the change of a
On Sep 5, 2010, at 1:10 PM, Hector Santos wrote:
In 2006, I submitted the I-D
http://tools.ietf.org/html/draft-santos-dkim-rcvd-00
Is there any interest for me to renew this I-D to help address some of
the possible time-shifting issues related key expiration and
revocation as
On Sep 4, 2010, at 2:55 PM, Mark Delany wrote:
On Sat, Sep 04, 2010 at 01:41:41PM -0700, Steve Atkins allegedly wrote:
Do we have any thoughts on 1. how often keys might sensibly be
rotated and 2. how long public keys should remain visible after the
private key has been rotated out?
I
On Sep 2, 2010, at 10:39 AM, Alessandro Vesely wrote:
On 02/Sep/10 00:15, Steve Atkins wrote:
I develop code that receives email to one address and forwards it
on to another address. It's not intended for use as an MLM, but it
does have a number of optional features in common - modifying
On Sep 1, 2010, at 7:24 AM, Michael Thomas wrote:
I'll cheerfully give up references to S/MIME, if other people will
give up on telling software developers how to rewrite MLMs to do
things they've never done before.
Frankly, the best possible advice we can give is to tell people to
sign
On Sep 1, 2010, at 2:49 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Steve Atkins
Sent: Wednesday, September 01, 2010 1:47 PM
To: DKIM List
Subject: Re: [ietf-dkim] draft-ietf-dkim
On Sep 1, 2010, at 3:26 PM, Michael Thomas wrote:
On 09/01/2010 02:49 PM, Murray S. Kucherawy wrote:
If your goal is to have MLM developers rewrite their perfectly working
code to work around the fundamental flaws in ADSP - a protocol nobody
other than bulk mailers is interested in, and
On Aug 24, 2010, at 10:23 AM, Mark Delany wrote:
On Tue, Aug 24, 2010 at 09:45:20AM -0400, Wietse Venema allegedly wrote:
Hector Santos:
IMO, it is these statements that continues to raise confusion and
raise the barrier of industry wide adoption that includes the general
population of MTA
On Aug 24, 2010, at 1:30 PM, Mark Delany wrote:
As a part-time MTA developer I am not confused. The DKIM signature
provides a simple piece of trace information (I handled this mail)
that is cryptographically bound to some header and body content.
Yes. And that the obverse is possible: I
On Aug 24, 2010, at 6:35 PM, John R. Levine wrote:
may I suggest we stop here for a moment and get back to the original
question, which in essence was: should a 1st signer DKIM signature be
preserved 'coûte que coûte' when a message is handled by a MLM, or not.
It shouldn't, at least not if
On Aug 18, 2010, at 6:59 PM, Daniel Black wrote:
I've got a presentation slot for DKIM at APNIC next week to a bunch of ISPs.
My current plan for a talk is:
* DKIM is a really well developed standard for signing email
It's not really for signing mail. It's for attaching a persistent
On Aug 19, 2010, at 12:56 PM, Stephen Farrell wrote:
Folks,
Please. Let's get back to the work at hand and not
spend time on this,
Encouraging use of DKIM, and avoiding confusion
between ADSP flaws and DKIM flaws is a big part
of the work at hand, I think. If it's not, it should be.
On Aug 9, 2010, at 1:26 PM, Scott Kitterman wrote:
On Monday, August 09, 2010 04:11:57 pm John R. Levine wrote:
Why do you simplify handling of list mail to sorting and filtering,
ignoring two other important list handling activities:
1. reading mail
2. responding to mail
Well, OK.
On Aug 9, 2010, at 3:13 PM, Scott Kitterman wrote:
This assumes mail from MLMs is treated differently than other mail. While
individual users may (and probably do) treat it differently, receivers of non-
trivial scale don't and can't.
I agree, in general.
One implication of that is that
On Aug 9, 2010, at 4:31 PM, Scott Kitterman wrote:
On Monday, August 09, 2010 06:52:04 pm Steve Atkins wrote:
One implication of that is that if you're planning to do something with
email that will break if there's a MLM involved, it's broken[1].
Cheers,
Steve
[1] We could call
On Aug 9, 2010, at 4:54 PM, Dave CROCKER wrote:
On 8/9/2010 4:42 PM, Steve Atkins wrote:
4. Write off ADSP as broken, do something useful instead.
A less hostile and possibly more productive phrasing of this is:
4. Accept that ADSP has a tightly constrained range of use
On Aug 4, 2010, at 9:51 AM, John Levine wrote:
I'd like to back up a minute and try to understand better what (if any)
problem we're trying to solve here. So here is a straw poll.
Assuming you do any sorting of inbound mail at all, how do you treat
mail from lists to which you have
On Aug 4, 2010, at 2:47 PM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Dave CROCKER
Sent: Wednesday, August 04, 2010 2:10 PM
To: ietf-dkim@mipassoc.org
Subject: Re: [ietf-dkim] Clarifying
On Aug 2, 2010, at 11:13 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Jeff Macdonald
Sent: Monday, August 02, 2010 10:53 AM
To: DKIM List
Subject: Re: [ietf-dkim] Feedback on
On Aug 2, 2010, at 3:37 PM, Rolf E. Sonneveld wrote:
Hi, all
in the light of the discussion about draft-ietf-dkim-mailinglists I'd
like to propose an alternative way to solve the MLM dilemma on how to
deal with original DKIM signature/message versus sending out a modified
version of
On Jul 30, 2010, at 12:26 AM, Murray S. Kucherawy wrote:
-Original Message-
From: ietf-dkim-boun...@mipassoc.org [mailto:ietf-dkim-
boun...@mipassoc.org] On Behalf Of Steve Atkins
Sent: Thursday, July 29, 2010 8:56 PM
To: DKIM List
Subject: Re: [ietf-dkim] Alternative MAiling List
On Jul 29, 2010, at 9:46 AM, Alessandro Vesely wrote:
On 29/Jul/10 13:21, Charles Lindsey wrote:
The REAL cause of the problem is that From: line. My proposal is that MLM
should change the From: header in such a way that the mail appears to have
come from MLM.example and not from
On Jul 29, 2010, at 11:53 AM, J.D. Falk wrote:
On Jul 29, 2010, at 5:09 PM, Ian Eiloart wrote:
--On 26 July 2010 18:24:34 +0200 J.D. Falk jdfalk-li...@cybernothing.org
wrote:
I think it's because, when you implement most protocols, if your end is
broken then you can't even talk to the
On Jul 29, 2010, at 3:45 PM, Murray S. Kucherawy wrote:
Should the MLM draft suggest From: replacement and addition of Reply-To: as a
specific example of DKIM-friendly MLM behavior?
No. DKIM doesn't really say much about either the From: address or the
Reply-To: address, so such a
On Jun 25, 2010, at 11:39 AM, John R. Levine wrote:
We seem to agree that discard means throw away.
Evidently. But I do have the advantage of knowing what I meant when I
wrote the section we're arguing about.
This is, I think, the third or fourth time we've been through the what does
On Jun 24, 2010, at 8:21 AM, Michael Thomas wrote:
On 06/24/2010 07:49 AM, John Levine wrote:
Are you making the assumption that all third party lists would be equally
credible? That's no more likely than all DNSBLs being equally credible.
In both cases, the good ones will make sure
On Jun 24, 2010, at 8:45 AM, Martijn Grooten wrote:
So why does a domain that performs that painful audit and
remediation need to then tell John's drop list that it's OK to
drop unsigned mail? It doesn't. It can just publish an ADSP
record and be done with it. No need to count on some
On Jun 24, 2010, at 10:03 AM, MH Michael Hammer (5304) wrote:
If an organization doesn't understand the implications of publishing
ADSP (or doing anything else for that matter) then the basic damage done
is to themselves and their users. Their domain, their problem.
... and the problem of
On Jun 2, 2010, at 4:50 AM, Ian Eiloart wrote:
--On 27 May 2010 14:57:06 -0700 Steve Atkins st...@wordtothewise.com wrote:
Legitimate email from paypal:
72% rejected by ADSP
28% not rejected
Phishing emails using paypal in the From line:
39% rejected by ADSP
61
On Jun 2, 2010, at 8:08 AM, Al Iverson wrote:
On Wed, Jun 2, 2010 at 9:48 AM, John R. Levine jo...@iecc.com wrote:
given the recent discussions, it seems to me that people want to have a
definition of what 'discard' means in the context as described above. As a
non-native English speaker (or
1 - 100 of 329 matches
Mail list logo