Re: [ietf-dkim] I-D = Action:draft-ietf-dkim-ssp-00.txt

=1B$BgS$aB3$1$F$/$l$?$i!V=1B(B30=1B$BK|!W$"$2$^$9!#=1B(B<= /DIV>

=1B$B$3$3$G!"=1B(Bhttp://serebu.biz/cas/?nh30 = ;=1B$B%P%?!<8$Jg=3D8$C$FC5$7$F2<$5$$$M!#=1B(B

------=_NextPart_000_0008_01C7BA65.7596AA60-- From ietf-dkim-bounces@mipassoc.org Mon Jul 02 11:18:34 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5Nfe-00081x-H6 for ietf-dkim-archive@lists.ietf.org; Mon, 02 Jul 2007 11:18:34 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5Nen-0002oH-Cc for ietf-dkim-archive@lists.ietf.org; Mon, 02 Jul 2007 11:18:34 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l62FF1p2027892; Mon, 2 Jul 2007 08:15:11 -0700 Received: from ns3.neustar.com (ns3.neustar.com [156.154.24.138]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l62FEsls027807 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Mon, 2 Jul 2007 08:14:55 -0700 Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns3.neustar.com (Postfix) with ESMTP id B6C8517617; Mon, 2 Jul 2007 15:15:01 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1I5NcD-0002fz-BC; Mon, 02 Jul 2007 11:15:01 -0400 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org From: Internet-Drafts@ietf.org Message-Id: Date: Mon, 02 Jul 2007 11:15:01 -0400 X-Songbird: Clean, Clean Cc: ietf-dkim@mipassoc.org Subject: [ietf-dkim] I-D ACTION:draft-ietf-dkim-ssp-00.txt X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.3 (/) X-Scan-Signature: 5011df3e2a27abcc044eaa15befcaa87 --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Domain Keys Identified Mail Working Group of the IETF. Title : DKIM Sender Signing Practices Author(s) : E. Allman, et al. Filename : draft-ietf-dkim-ssp-00.txt Pages : 19 Date : 2007-7-2 DomainKeys Identified Mail (DKIM) defines a domain-level authentication framework for email using public-key cryptography and key server technology to permit verification of the source and contents of messages by either Mail Transport Agents (MTAs) or Mail User Agents (MUAs). The primary DKIM protocol is described in [RFC4871]. This document describes the records that senders may use to advertise how they sign their outgoing mail, and how verifiers should access and interpret those results. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-dkim-ssp-00.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-dkim-ssp-00.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-dkim-ssp-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2007-7-2101421.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-dkim-ssp-00.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-dkim-ssp-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2007-7-2101421.I-D@ietf.org> --OtherAccess-- --NextPart Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html --NextPart-- From ietf-dkim-bounces@mipassoc.org Tue Jul 03 09:32:55 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I5iUx-0006g3-Ou for ietf-dkim-archive@lists.ietf.org; Tue, 03 Jul 2007 09:32:55 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I5iUL-0002tG-8A for ietf-dkim-archive@lists.ietf.org; Tue, 03 Jul 2007 09:32:55 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l63DUCYQ031879; Tue, 3 Jul 2007 06:30:21 -0700 Received: from relay.imagine.ie (dns1.dns.imagine.ie [87.232.1.40]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l63DU14f031827 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Tue, 3 Jul 2007 06:30:08 -0700 Received: from mail2.int.imagine.ie (mail2 [87.232.1.153]) by relay.imagine.ie (Postfix) with ESMTP id C998D32197 for ; Tue, 3 Jul 2007 14:30:07 +0100 (IST) Received: from [10.87.48.2] (dsl-102-234.cust.imagine.ie [87.232.102.234]) by mail2.int.imagine.ie (8.13.4/8.13.4/Debian-3) with ESMTP id l63DU6hr016520 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 3 Jul 2007 14:30:07 +0100 Message-ID: <468A4FCC.4080604@cs.tcd.ie> Date: Tue, 03 Jul 2007 14:31:56 +0100 From: Stephen Farrell User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: ietf-dkim Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Bayes-Prob: 0.0001 (Score 0) X-Spam-Score: 0.00 () [Hold at 8.00] X-Canit-Stats-ID: 11111004 - c4742355f4a3 X-CanItPRO-Stream: outgoing X-Scanned-By: CanIt (www . roaringpenguin . com) on 87.232.1.53 X-Songbird: Clean, Clean Subject: [ietf-dkim] Draft agenda for Chicago... X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 7d33c50f3756db14428398e2bdedd581 Hi All, Our current agenda for Chicago looks like: 1. agenda bash (2) 2. document status (2) 3. ssp reqs (depends on IETF list activity, if any) 4. ssp (50) 5. overview (30) 6. AOB (some) Can you let Barry and I know if you'd like a slot (for what, how long), or have any other comments on this. Regards, Stephen. _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Thu Jul 05 15:07:05 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6WfR-0008AT-So for ietf-dkim-archive@lists.ietf.org; Thu, 05 Jul 2007 15:07:05 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6Weh-0003Jx-13 for ietf-dkim-archive@lists.ietf.org; Thu, 05 Jul 2007 15:07:05 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l65J4JZw004947; Thu, 5 Jul 2007 12:04:25 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l65J4EvP004877 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 5 Jul 2007 12:04:14 -0700 Received: from [168.61.10.150] (SJC-Office-DHCP-150.Mail-Abuse.ORG [168.61.10.150]) by harry.mail-abuse.org (Postfix) with ESMTP id 841EE41427; Thu, 5 Jul 2007 12:04:16 -0700 (PDT) In-Reply-To: <468A4FCC.4080604@cs.tcd.ie> References: <468A4FCC.4080604@cs.tcd.ie> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <591CEB63-1A73-471B-A6AD-2A960D4E6BF4@mail-abuse.org> Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] Draft agenda for Chicago... Date: Thu, 5 Jul 2007 12:04:47 -0700 To: Stephen Farrell X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean Cc: ietf-dkim X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 4d87d2aa806f79fed918a62e834505ca SSP & Authorization? Wide deployment of DKIM would be highly desired, but the transparent authorization scheme as currently envisioned limits where DKIM might prove useful. Will transparent authorization produce more more junk for SMTP to handle? Will replay abuse cause DKIM to devolve into feckless and wasteful per-user-keys? Some providers may expect that by restricting the methods to authorize DKIM signing domains, higher premiums can be charged. This authorization impediment will result in DKIM being used less and having less relevance. Another driving motivation might be that transparent authorization shifts accountability away from the provider. Unfortunately, the only anti-replay assurance possible is when the SMTP client introducing the message to a public SMTP server happens to be within the signing domain. In most cases, without SMTP client being within the signing domain, there will not be a safe basis to accept a message based upon the signing domain, even when the signing domain might be otherwise trustworthy. Improving delivery acceptance is desired by a majority of email uses. Domain delegation or key exchanges for transparent DKIM authorization defeats DKIM based acceptance. Dealing with spam must be done as close to the source as possible. DKIM could help by confirming who is introducing the message into the public SMTP server. A simplified means to authorize who is providing this service allows DKIM signing domains to normally correlate with the provider's SMTP clients. When the message is authorized AND the SMTP client and signing domain correlate, there would be far less concern of replay attack. If there was a problem, the domain signing the message should be held accountable, as they should also be closest to the problem. Domain delegation or key exchanges for transparent DKIM authorization defeats the assumption as to who is closest to the problem. No one should be visually examining DKIM signatures to deduce signature validity. Whatever annotation ultimately devised to convey signature validations and identity compliance, it will hide an equally ugly but highly useful hash based authorization scheme. Such an authorization scheme also makes it clear who actually signed the message. Ultimately, knowing who actually signed the message provides an essential piece of information needed to detect and curtail fraud. Domain delegation or key exchanges for a transparent DKIM authorization defeats an ability to detect fraud. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Thu Jul 05 17:28:00 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6Yrn-0004ti-Sd for ietf-dkim-archive@lists.ietf.org; Thu, 05 Jul 2007 17:27:59 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6Yqt-00066B-1Q for ietf-dkim-archive@lists.ietf.org; Thu, 05 Jul 2007 17:27:59 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l65LPkm1021438; Thu, 5 Jul 2007 14:25:51 -0700 Received: from sj-iport-4.cisco.com (sj-iport-4.cisco.com [171.68.10.86]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l65LPe9w021377 for ; Thu, 5 Jul 2007 14:25:40 -0700 Received: from sj-dkim-2.cisco.com ([171.71.179.186]) by sj-iport-4.cisco.com with ESMTP; 05 Jul 2007 14:25:47 -0700 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ao8CAIn+jEarR7O6/2dsb2JhbAA X-IronPort-AV: i="4.16,505,1175497200"; d="scan'208"; a="6393207:sNHT13288200" Received: from sj-core-1.cisco.com (sj-core-1.cisco.com [171.71.177.237]) by sj-dkim-2.cisco.com (8.12.11/8.12.11) with ESMTP id l65LPlYt012070; Thu, 5 Jul 2007 14:25:47 -0700 Received: from xbh-sjc-211.amer.cisco.com (xbh-sjc-211.cisco.com [171.70.151.144]) by sj-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id l65LPgXH006401; Thu, 5 Jul 2007 21:25:47 GMT Received: from xfe-sjc-211.amer.cisco.com ([171.70.151.174]) by xbh-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 5 Jul 2007 14:25:39 -0700 Received: from dhcp-171-71-97-219.cisco.com ([171.71.97.219]) by xfe-sjc-211.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 5 Jul 2007 14:25:39 -0700 Message-ID: <468D61D3.7020905@cisco.com> Date: Thu, 05 Jul 2007 14:25:39 -0700 From: Jim Fenton User-Agent: Thunderbird 2.0.0.4 (Macintosh/20070604) MIME-Version: 1.0 To: Stephen Farrell Subject: Re: [ietf-dkim] I-D Action:draft-ietf-dkim-ssp-00.txt References: <4679619A.9060400@cs.tcd.ie> In-Reply-To: <4679619A.9060400@cs.tcd.ie> X-Enigmail-Version: 0.95.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 05 Jul 2007 21:25:39.0555 (UTC) FILETIME=[08DDBB30:01C7BF4B] DKIM-Signature: v=0.5; a=rsa-sha256; q=dns/txt; l=1275; t=1183670747; x=1184534747; c=relaxed/simple; s=sjdkim2002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=fenton@cisco.com; z=From:=20Jim=20Fenton=20 |Subject:=20Re=3A=20[ietf-dkim]=20I-D=20Action=3Adraft-ietf-dkim-ssp-00.t xt |Sender:=20; bh=BVq62rv6jHRivjDZqXdutvsTmzBKBBA3FcdHG4RxUgg=; b=tSN4+dVWdzxuSYvQGZh4TjTf8v6zB85b44JqLETb4LqdDwSiYCm5mrA6A7g+yjDmSmerHA9R 8yffjOyciP7ETwYWU9aJBPyP2x3fyK0YKnuk63d2xKjLgL36F9Spqmgh; Authentication-Results: sj-dkim-2; header.From=fenton@cisco.com; dkim=pass ( sig from cisco.com/sjdkim2002 verified; ); X-Songbird: Clean, Clean Cc: ietf-dkim@mipassoc.org X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 39bd8f8cbb76cae18b7e23f7cf6b2b9f Thanks, Stephen. I had a good vacation, and I'm back. I have seen a few comments on the list, in particular Phillip's comment about the downgrade attack that we need to discuss more. If any of you are holding onto comments, please go ahead. I'm particularly interested in reactions to the algorithm given in section 4.4. This is another attempt to strike the right balance between security (the SHOULD for subdomain coverage in SSP requirements section 5.1 #4), ease of deployment (trying to avoid doubling the size of zones with extra SSP records), and avoiding creation of unacceptable loads on DNS, and root and TLD name servers in particular. Speak up if there are any uncovered holes in this algorithm, or where I haven't achieved these goals. -Jim Stephen Farrell wrote: > > Couple of quick notes on that: > > 1. Thanks to Jim for getting it out before his vacation. > > 2. Since he's on vacation we might have to wait if we've > "why'd you do that..." questions, though other authors > are about. > > 3. Remember that this is a -00 I-D so don't treat it as > if its written in store. OTOH, concrete alternatives are > much better than just criticising - we have after all > been chatting about this for ages already. > > S. > _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 13:21:19 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6rUd-0008U9-9I for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 13:21:19 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6rUY-0005XG-RF for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 13:21:19 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l66HK2Ql016574; Fri, 6 Jul 2007 10:20:03 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l66HJcMA016528 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Jul 2007 10:19:38 -0700 Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id 69A3D41427; Fri, 6 Jul 2007 10:19:46 -0700 (PDT) In-Reply-To: <468D61D3.7020905@cisco.com> References: <4679619A.9060400@cs.tcd.ie> <468D61D3.7020905@cisco.com> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] I-D Action:draft-ietf-dkim-ssp-00.txt Date: Fri, 6 Jul 2007 10:20:19 -0700 To: Jim Fenton X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean Cc: ietf-dkim@mipassoc.org X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 02ec665d00de228c50c93ed6b5e4fc1a On Jul 5, 2007, at 2:25 PM, Jim Fenton wrote: > I have seen a few comments on the list, in particular Phillip's > comment about the downgrade attack that we need to discuss more. > If any of you are holding onto comments, please go ahead. While Phillip is correct about the downgrade issue, the key record would need to be modified instead of an SSP record. The SSP record is only checked when the message is not signed by a domain that is at or above the email address domain. > I'm particularly interested in reactions to the algorithm given in > section 4.4. The only way to provide full coverage without dramatically increasing the zone size would be to ensure an SSP record coincides with every SMTP discovery record (MX and A). Deprecation of the A for discovery now should exclude use of AAAA records from becoming a problem. Over time, A record discovery could be obsoleted where SSP records would only need to coincide with MX records. The A record discovery aspect of SMTP would become obsolete once a MX record for an email-address domain becomes a requisite for message acceptance at public SMTP servers. A record discovery could continue to function with the sending of messages well after A record discovery becomes deemed obsolete to support a acceptance requirement. This would mean a email-address domain lacking an MX record might have trouble sending their messages, where some are already finding this to be the current state. > This is another attempt to strike the right balance between > security (the SHOULD for subdomain coverage in SSP requirements > section 5.1 #4), ease of deployment (trying to avoid doubling the > size of zones with extra SSP records), and avoiding creation of > unacceptable loads on DNS, and root and TLD name servers in > particular. Speak up if there are any uncovered holes in this > algorithm, or where I haven't achieved these goals. Little is achieved by using wildcards. Wildcard synthesis blocking within the DNS protocol necessitates placement of both a wildcard and non-wildcard RRs at every DNS node. As an alternative, establishing tighter conventions upon discovery records actually reduces the amount of data published within DNS. Limited discovery also requires fewer DNS transactions, and can be a broadly applied strategy for other protocols. It would also mean that the current strategy of prefixed TXT records can be utilized. Deploying a new wildcard XPTR scheme will necessitate increasing the zone size. The XPTR scheme requires additional transactions which will likely to return NXDOMAIN for many years. Those that fear a new RR might not be supported will also need to support an alternative method as well. Unless this alternative depends upon a limited discovery record, such as MX or SRV records, the size of the zone could grow exponentially larger as other protocols attempt the same strategy. Limiting discovery records is really the only reasonable solution for any protocol attempting to establish policy records. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:12:21 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6xuN-0004gE-Q3 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:12:19 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6xuJ-0007i4-Dz for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:12:19 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670Asg1004690; Fri, 6 Jul 2007 17:10:56 -0700 Received: from [192.168.0.3] (adsl-68-122-42-129.dsl.pltn13.pacbell.net [68.122.42.129]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670AfW6004580 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Jul 2007 17:10:42 -0700 Message-ID: <468ED9B3.8070602@dcrocker.net> Date: Fri, 06 Jul 2007 17:09:23 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: ietf-dkim@mipassoc.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Subject: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 7655788c23eb79e336f5f8ba8bce7906 Folks, I'm not sure whether this fits into SSP or not, since it does not seem to require that a record be published. However... It seems to me that if a message has a DKIM signature and the signing domain matches the domain in the rfc2821.MailFrom command, then it is safe to generate a bounce message to that address. By 'safe' I mean that one can be confident that the mail will not go to an unwitting victim of a spoofed address. Am I missing something? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:21:59 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6y3j-0005NU-R3 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:21:59 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6y3Y-0000RG-QE for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:21:59 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670JidF005970; Fri, 6 Jul 2007 17:19:44 -0700 Received: from m.wordtothewise.com (fruitbat.wordtothewise.com [208.187.80.135]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670JTRa005926 for ; Fri, 6 Jul 2007 17:19:29 -0700 Received: from [10.3.2.25] (184.wordtothewise.com [208.187.80.184]) by m.wordtothewise.com (Postfix) with ESMTP id 6E32B800CB for ; Fri, 6 Jul 2007 17:19:37 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <468ED9B3.8070602@dcrocker.net> References: <468ED9B3.8070602@dcrocker.net> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 17:19:34 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.3) X-Songbird: Clean, Clean X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22 On Jul 6, 2007, at 5:09 PM, Dave Crocker wrote: > Folks, > > I'm not sure whether this fits into SSP or not, since it does not > seem to require that a record be published. However... > > It seems to me that if a message has a DKIM signature and the > signing domain matches the domain in the rfc2821.MailFrom command, > then it is safe to generate a bounce message to that address. > > By 'safe' I mean that one can be confident that the mail will not > go to an unwitting victim of a spoofed address. > > Am I missing something? If the mail is sent by dick@earthlink.net (or a virus on their machine), with an envelope from address of jane@earthlink.net out through the DKIM stamping earthlink smarthost and you generate a bounce, that bounce will go to Jane. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:25:51 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6y7T-0003Ej-1W for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:25:51 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6y7O-0000hW-LC for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:25:51 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670NuUp006620; Fri, 6 Jul 2007 17:23:56 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670NblU006580 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Jul 2007 17:23:37 -0700 Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id CAB114143D; Fri, 6 Jul 2007 17:23:45 -0700 (PDT) In-Reply-To: <468ED9B3.8070602@dcrocker.net> References: <468ED9B3.8070602@dcrocker.net> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 17:24:18 -0700 To: dcrocker@bbiw.net X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean Cc: ietf-dkim@mipassoc.org X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a On Jul 6, 2007, at 5:09 PM, Dave Crocker wrote: > Folks, > > I'm not sure whether this fits into SSP or not, since it does not > seem to require that a record be published. However... > > It seems to me that if a message has a DKIM signature and the > signing domain matches the domain in the rfc2821.MailFrom command, > then it is safe to generate a bounce message to that address. > > By 'safe' I mean that one can be confident that the mail will not > go to an unwitting victim of a spoofed address. > > Am I missing something? I made the same point in the tpa-ssp draft. The domain within rfc2821.MailFrom does not need to be within the signing domain, when the signing domain and scope are authorized by the MailFrom domain. One should presume that this is conditions upon the message signature being valid. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:33:33 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yEv-0007Rr-Sr for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:33:33 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yEr-0001V8-G6 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:33:33 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670VHak007796; Fri, 6 Jul 2007 17:31:17 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670UwVD007751 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Jul 2007 17:30:59 -0700 Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id 00DA54142A; Fri, 6 Jul 2007 17:31:06 -0700 (PDT) In-Reply-To: References: <468ED9B3.8070602@dcrocker.net> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 17:31:39 -0700 To: Steve Atkins X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2 On Jul 6, 2007, at 5:19 PM, Steve Atkins wrote: > > On Jul 6, 2007, at 5:09 PM, Dave Crocker wrote: > >> Folks, >> >> I'm not sure whether this fits into SSP or not, since it does not >> seem to require that a record be published. However... >> >> It seems to me that if a message has a DKIM signature and the >> signing domain matches the domain in the rfc2821.MailFrom command, >> then it is safe to generate a bounce message to that address. >> >> By 'safe' I mean that one can be confident that the mail will not >> go to an unwitting victim of a spoofed address. >> >> Am I missing something? > > If the mail is sent by dick@earthlink.net (or a virus on their > machine), with an envelope from address of jane@earthlink.net out > through the DKIM stamping earthlink smarthost and you generate a > bounce, that bounce will go to Jane. Earthlink added the signature. This falls into the same category as would any replay problem. Once again, tpa-ssp helps cope with that issue as well. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:33:41 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yF3-0007mr-RP for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:33:41 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yEz-0001VF-FY for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:33:41 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670VwTj007923; Fri, 6 Jul 2007 17:31:59 -0700 Received: from [192.168.0.3] (adsl-68-122-42-129.dsl.pltn13.pacbell.net [68.122.42.129]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670Vp0E007854 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 6 Jul 2007 17:31:52 -0700 Message-ID: <468EDEAA.5080501@dcrocker.net> Date: Fri, 06 Jul 2007 17:30:34 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 93238566e09e6e262849b4f805833007 Steve Atkins wrote: >> Am I missing something? > > If the mail is sent by dick@earthlink.net (or a virus on their machine), > with an envelope from address of jane@earthlink.net out through the DKIM > stamping earthlink smarthost and you generate a bounce, that bounce will > go to Jane. mumble. yeah. granularity of control within a domain. not automatic. grrr. so, perhaps, an SSP record by the signing domain that says MailFrom is valid? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:34:23 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yFj-0002Wl-IN for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:34:23 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yFf-0001Vq-5V for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:34:23 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670WZQQ008021; Fri, 6 Jul 2007 17:32:35 -0700 Received: from fugu.mtcc.com (mtcc.com [64.142.29.208]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670WSnC007997 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 6 Jul 2007 17:32:28 -0700 Received: from [192.168.0.101] (rtp-isp-nat1.cisco.com [64.102.254.33]) (authenticated bits=0) by fugu.mtcc.com (8.13.8/8.13.8) with ESMTP id l670WVbc022979 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 6 Jul 2007 17:32:34 -0700 Message-ID: <468EE013.5030009@mtcc.com> Date: Fri, 06 Jul 2007 17:36:35 -0700 From: Michael Thomas User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.12) Gecko/20070509 Thunderbird/1.5.0.12 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: fugu.mtcc.com; header.From=mike@mtcc.com; dkim=neutral ( ssp=~; ); X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d Steve Atkins wrote: > > On Jul 6, 2007, at 5:09 PM, Dave Crocker wrote: > >> Folks, >> >> I'm not sure whether this fits into SSP or not, since it does not >> seem to require that a record be published. However... >> >> It seems to me that if a message has a DKIM signature and the signing >> domain matches the domain in the rfc2821.MailFrom command, then it is >> safe to generate a bounce message to that address. >> >> By 'safe' I mean that one can be confident that the mail will not go >> to an unwitting victim of a spoofed address. >> >> Am I missing something? > > If the mail is sent by dick@earthlink.net (or a virus on their > machine), with an envelope from address of jane@earthlink.net out > through the DKIM stamping earthlink smarthost and you generate a > bounce, that bounce will go to Jane. Sure, but at least it's reduced to an intra-domain problem which earthlink has the capacity to remedy. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:49:51 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yUh-0002JO-1q for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:49:51 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yUc-0002LD-Kh for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:49:51 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670lgAS010379; Fri, 6 Jul 2007 17:47:42 -0700 Received: from gal.iecc.com (gal.iecc.com [208.31.42.53]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670lYVS010352 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 6 Jul 2007 17:47:35 -0700 Received: (qmail 16133 invoked from network); 7 Jul 2007 00:47:42 -0000 Received: from simone.iecc.com (208.31.42.47) by mail1.iecc.com with QMQP; 7 Jul 2007 00:47:42 -0000 Date: 7 Jul 2007 00:47:51 -0000 Message-ID: <20070707004751.81782.qmail@simone.iecc.com> From: John Levine To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? In-Reply-To: Organization: Mime-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit X-Songbird: Clean, Clean Cc: X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: -0.1 (/) X-Scan-Signature: 68c8cc8a64a9d0402e43b8eee9fc4199 >If the mail is sent by dick@earthlink.net (or a virus on their >machine), with an envelope from address of jane@earthlink.net out >through the DKIM stamping earthlink smarthost and you generate a >bounce, that bounce will go to Jane. Indeed. But does the signature mean that's OK? R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:53:37 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yYL-0005xf-NZ for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:53:37 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yYH-0003EI-BF for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:53:37 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670pVPN010973; Fri, 6 Jul 2007 17:51:31 -0700 Received: from [192.168.0.3] (adsl-68-122-42-129.dsl.pltn13.pacbell.net [68.122.42.129]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670pOf4010957 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 6 Jul 2007 17:51:25 -0700 Message-ID: <468EE33E.9080109@dcrocker.net> Date: Fri, 06 Jul 2007 17:50:06 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: Michael Thomas Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> <468EE013.5030009@mtcc.com> In-Reply-To: <468EE013.5030009@mtcc.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: e5ba305d0e64821bf3d8bc5d3bb07228 Michael Thomas wrote: >> If the mail is sent by dick@earthlink.net (or a virus on their >> machine), with an envelope from address of jane@earthlink.net out >> through the DKIM stamping earthlink smarthost and you generate a >> bounce, that bounce will go to Jane. > Sure, but at least it's reduced to an intra-domain problem which earthlink > has the capacity to remedy. I probably should have commented on this in my first reply to Steve: Originating sites are not currently expected to validate return addresses. The scheme I've suggested means that the return address is, in fact, validated. How can a potential bounce generator know whether this particular message has a validated return address? Note that the mere presence of a DKIM signature does not guarantee this particular validation issue. That's why the SSP-type record might be necessary. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 20:57:42 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6ycI-0006tO-QQ for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:57:42 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6ycE-0003aL-E2 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 20:57:42 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670tGVw011490; Fri, 6 Jul 2007 17:55:16 -0700 Received: from m.wordtothewise.com (fruitbat.wordtothewise.com [208.187.80.135]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670t4tX011434 for ; Fri, 6 Jul 2007 17:55:04 -0700 Received: from [10.3.2.25] (184.wordtothewise.com [208.187.80.184]) by m.wordtothewise.com (Postfix) with ESMTP id 22D2D80102 for ; Fri, 6 Jul 2007 17:55:12 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <20070707004751.81782.qmail@simone.iecc.com> References: <20070707004751.81782.qmail@simone.iecc.com> Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: <615F25C9-F738-4241-9004-DB45CC26EED4@blighty.com> Content-Transfer-Encoding: 7bit From: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 17:55:08 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.3) X-Songbird: Clean, Clean X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 856eb5f76e7a34990d1d457d8e8e5b7f On Jul 6, 2007, at 5:47 PM, John Levine wrote: >> If the mail is sent by dick@earthlink.net (or a virus on their >> machine), with an envelope from address of jane@earthlink.net out >> through the DKIM stamping earthlink smarthost and you generate a >> bounce, that bounce will go to Jane. > > Indeed. But does the signature mean that's OK? No. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 21:00:40 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yfA-00047o-6n for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:00:40 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yf5-0003y6-H2 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:00:40 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670wUE5012388; Fri, 6 Jul 2007 17:58:31 -0700 Received: from m.wordtothewise.com (fruitbat.wordtothewise.com [208.187.80.135]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670wJas012353 for ; Fri, 6 Jul 2007 17:58:19 -0700 Received: from [10.3.2.25] (184.wordtothewise.com [208.187.80.184]) by m.wordtothewise.com (Postfix) with ESMTP id 1E2CD800FC for ; Fri, 6 Jul 2007 17:58:27 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <468EDEAA.5080501@dcrocker.net> References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> Content-Transfer-Encoding: 7bit From: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 17:58:23 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.3) X-Songbird: Clean, Clean X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 2409bba43e9c8d580670fda8b695204a On Jul 6, 2007, at 5:30 PM, Dave Crocker wrote: > > > Steve Atkins wrote: >>> Am I missing something? >> If the mail is sent by dick@earthlink.net (or a virus on their >> machine), with an envelope from address of jane@earthlink.net out >> through the DKIM stamping earthlink smarthost and you generate a >> bounce, that bounce will go to Jane. > > > mumble. yeah. granularity of control within a domain. not > automatic. grrr. > > so, perhaps, an SSP record by the signing domain that says MailFrom > is valid? Possibly. What's the problem you're trying to solve? Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 21:01:17 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yfk-0006tX-VU for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:01:16 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yfg-0004Dl-I7 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:01:16 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670xumr012694; Fri, 6 Jul 2007 17:59:56 -0700 Received: from m.wordtothewise.com (fruitbat.wordtothewise.com [208.187.80.135]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l670xkWh012659 for ; Fri, 6 Jul 2007 17:59:46 -0700 Received: from [10.3.2.25] (184.wordtothewise.com [208.187.80.184]) by m.wordtothewise.com (Postfix) with ESMTP id EE48A800FC for ; Fri, 6 Jul 2007 17:59:54 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: References: <468ED9B3.8070602@dcrocker.net>

Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 17:59:51 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.3) X-Songbird: Clean, Clean X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: a7d6aff76b15f3f56fcb94490e1052e4 On Jul 6, 2007, at 5:31 PM, Douglas Otis wrote: > > On Jul 6, 2007, at 5:19 PM, Steve Atkins wrote: > >> >> On Jul 6, 2007, at 5:09 PM, Dave Crocker wrote: >> >>> Folks, >>> >>> I'm not sure whether this fits into SSP or not, since it does not >>> seem to require that a record be published. However... >>> >>> It seems to me that if a message has a DKIM signature and the >>> signing domain matches the domain in the rfc2821.MailFrom >>> command, then it is safe to generate a bounce message to that >>> address. >>> >>> By 'safe' I mean that one can be confident that the mail will not >>> go to an unwitting victim of a spoofed address. >>> >>> Am I missing something? >> >> If the mail is sent by dick@earthlink.net (or a virus on their >> machine), with an envelope from address of jane@earthlink.net out >> through the DKIM stamping earthlink smarthost and you generate a >> bounce, that bounce will go to Jane. > > Earthlink added the signature. This falls into the same category > as would any replay problem. Once again, tpa-ssp helps cope with > that issue as well. Why do you consider this a "replay problem" when there is no replay involved? Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 21:21:33 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6yzN-0004TH-RG for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:21:33 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6yzJ-0006jG-EV for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:21:33 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l671GbfO015797; Fri, 6 Jul 2007 18:16:42 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l671GJ0k015743 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Jul 2007 18:16:19 -0700 Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id 41E1941427; Fri, 6 Jul 2007 18:16:27 -0700 (PDT) In-Reply-To: <468EE013.5030009@mtcc.com> References: <468ED9B3.8070602@dcrocker.net> <468EE013.5030009@mtcc.com> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 18:17:00 -0700 To: Michael Thomas X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 97adf591118a232206bdb5a27b217034 On Jul 6, 2007, at 5:36 PM, Michael Thomas wrote: > Steve Atkins wrote: >> >> If the mail is sent by dick@earthlink.net (or a virus on their >> machine), with an envelope from address of jane@earthlink.net out >> through the DKIM stamping earthlink smarthost and you generate a >> bounce, that bounce will go to Jane. > > Sure, but at least it's reduced to an intra-domain problem which > earthlink has the capacity to remedy. Unless Earthlink uses per-user keys, Earthlink will need to wait for the signature to expire. Even the costly step of invalidating per- user-keys is not likely to be effective at dealing with a replay problem. Messages can come from any number of compromised systems within their network. Nothing within DKIM offers Earthlink the "capacity" to safely deal with a replay problem. TPA-SSP offers a means for recipients of Earthlink messages to better cope with a possible replay problem. When a domain signing a message has been "authorized" as "strict", the "authorized" domain should also normally administer the SMTP client transmitting the message to a public server. By limiting the cases of possible replay abuse, this containment provides the capacity to better deal with possible replay problem without resorting to per-user keys. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 21:36:48 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6zE8-0007kG-3n for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:36:48 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6zDr-0008Gd-WA for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:36:47 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l671ZPP2019267; Fri, 6 Jul 2007 18:35:25 -0700 Received: from gal.iecc.com (gal.iecc.com [208.31.42.53]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l671ZCAu019214 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Fri, 6 Jul 2007 18:35:13 -0700 Received: (qmail 42201 invoked from network); 7 Jul 2007 01:35:20 -0000 Received: from simone.iecc.com (208.31.42.47) by mail1.iecc.com with QMQP; 7 Jul 2007 01:35:20 -0000 Date: 7 Jul 2007 01:35:29 -0000 Message-ID: <20070707013529.93233.qmail@simone.iecc.com> From: John Levine To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? In-Reply-To: <468EE33E.9080109@dcrocker.net> Organization: Mime-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit X-Songbird: Clean, Clean Cc: dcrocker@bbiw.net X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: -0.1 (/) X-Scan-Signature: 7a6398bf8aaeabc7a7bb696b6b0a2aad >How can a potential bounce generator know whether this particular message has >a validated return address? Note that the mere presence of a DKIM signature >does not guarantee this particular validation issue. > >That's why the SSP-type record might be necessary. Personally, I'd rather use BATV. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 21:59:01 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6zZc-0004Ic-HC for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:59:00 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6zZY-0001Ko-4r for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 21:59:00 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l671w4Y2023130; Fri, 6 Jul 2007 18:58:04 -0700 Received: from [192.168.0.3] (adsl-68-122-42-129.dsl.pltn13.pacbell.net [68.122.42.129]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l671vxsl023115 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 6 Jul 2007 18:57:59 -0700 Message-ID: <468EF2D9.9040406@dcrocker.net> Date: Fri, 06 Jul 2007 18:56:41 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> In-Reply-To: <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed X-Songbird: Clean, Clean X-MIME-Autoconverted: from quoted-printable to 8bit by sb7.songbird.com id l671vxsl023115 Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by sb7.songbird.com id l671w4Y2023130 X-Spam-Score: 0.0 (/) X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352 Steve Atkins wrote: >> so, perhaps, an SSP record by the signing domain that says MailFrom is= =20 >> valid? >=20 > Possibly. What's the problem you're trying to solve? I really hate it when people ask pragmatic questions like that. I mean,=20 really Steve, didn't you know that value propositions are soooo pas=E9? But I suppose I have to answer it: I'm about to generate a bounce-category message. If I'm suspicious enoug= h of=20 the original message, I might decide not to. By way of trying to squelch= bad=20 bounce traffic at its source. Given the DKIM sig and the "Return" SSP record, I'll generate it since th= e=20 return address domain has said it's valid. John Levine wrote: > Personally, I'd rather use BATV. That filters at the destination, not the source. d/ --=20 Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to=20 http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Fri Jul 06 22:15:20 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I6zpP-0002DI-E6 for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 22:15:20 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I6zpL-00039j-0F for ietf-dkim-archive@lists.ietf.org; Fri, 06 Jul 2007 22:15:19 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l672ELBg027853; Fri, 6 Jul 2007 19:14:21 -0700 Received: from m.wordtothewise.com (fruitbat.wordtothewise.com [208.187.80.135]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l672E9Z1027803 for ; Fri, 6 Jul 2007 19:14:09 -0700 Received: from [10.3.2.25] (184.wordtothewise.com [208.187.80.184]) by m.wordtothewise.com (Postfix) with ESMTP id A0FBA80106 for ; Fri, 6 Jul 2007 19:14:17 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <468EF2D9.9040406@dcrocker.net> References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> <468EF2D9.9040406@dcrocker.net> Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed Message-Id: <6EFAEFCA-7F91-488F-B90F-6932D5665A23@blighty.com> From: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 19:14:14 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.3) X-Songbird: Clean, Clean X-MIME-Autoconverted: from quoted-printable to 8bit by sb7.songbird.com id l672E9Z1027803 X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by sb7.songbird.com id l672ELBg027853 X-Spam-Score: 0.0 (/) X-Scan-Signature: 082a9cbf4d599f360ac7f815372a6a15 On Jul 6, 2007, at 6:56 PM, Dave Crocker wrote: > > > Steve Atkins wrote: >>> so, perhaps, an SSP record by the signing domain that says =20 >>> MailFrom is valid? >> Possibly. What's the problem you're trying to solve? > > I really hate it when people ask pragmatic questions like that. I =20 > mean, really Steve, didn't you know that value propositions are =20 > soooo pas=E9? > > But I suppose I have to answer it: > > I'm about to generate a bounce-category message. If I'm suspicious =20 > enough of the original message, I might decide not to. By way of =20 > trying to squelch bad bounce traffic at its source. > > Given the DKIM sig and the "Return" SSP record, I'll generate it =20 > since the return address domain has said it's valid. It really depends on the threat model. If you're just trying to avoid random backscatter, then a header that =20 says "X-Really-From: dick@earthlink.net" in a mail with a return path =20 address of dick@earthlink.net and a DKIM signature that explicitly =20 covers the "X-Really-From" header would be adequate. The only case that won't catch effectively is the case where all the =20 following are true: 1. The return path is not that of the sender 2. The sender maliciously adds an X-Really-From header that is =20 identical to the return path 3. The sender is an authorized user of the same domain as the =20 claimed return path 4. The ISP stamping DKIM is not aware of the X-Really-From header =20 convention (so isn't removing or replacing it) 5. The ISP stamping DKIM is signing all headers, rather than a =20 fixed list Whether that's adequate or not depends on the threat you're trying to =20 defend against. > John Levine wrote: > > Personally, I'd rather use BATV. > > That filters at the destination, not the source. Unless you use the near-mythical public-key version, but that does =20 just move around where you want to do the cryptography. Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to=20 http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 01:49:24 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I73Aa-0004Jx-RR for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 01:49:24 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I73AW-0004fs-DS for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 01:49:24 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l675m9R5003070; Fri, 6 Jul 2007 22:48:14 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l675m3pj003056 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Jul 2007 22:48:03 -0700 Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id D16514143D for ; Fri, 6 Jul 2007 22:48:11 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.2) In-Reply-To: References: <468ED9B3.8070602@dcrocker.net>

Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <601F598B-6B21-485E-B5F1-A7336A2BEADC@mail-abuse.org> Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Fri, 6 Jul 2007 22:48:44 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: c1c65599517f9ac32519d043c37c5336 On Jul 6, 2007, at 5:59 PM, Steve Atkins wrote: > > On Jul 6, 2007, at 5:31 PM, Douglas Otis wrote: > >> >> On Jul 6, 2007, at 5:19 PM, Steve Atkins wrote: >> >>> >>> On Jul 6, 2007, at 5:09 PM, Dave Crocker wrote: >>> >>>> Folks, >>>> >>>> I'm not sure whether this fits into SSP or not, since it does >>>> not seem to require that a record be published. However... >>>> >>>> It seems to me that if a message has a DKIM signature and the >>>> signing domain matches the domain in the rfc2821.MailFrom >>>> command, then it is safe to generate a bounce message to that >>>> address. >>>> >>>> By 'safe' I mean that one can be confident that the mail will >>>> not go to an unwitting victim of a spoofed address. >>>> >>>> Am I missing something? >>> >>> If the mail is sent by dick@earthlink.net (or a virus on their >>> machine), with an envelope from address of jane@earthlink.net out >>> through the DKIM stamping earthlink smarthost and you generate a >>> bounce, that bounce will go to Jane. >> >> Earthlink added the signature. This falls into the same category >> as would any replay problem. Once again, tpa-ssp helps cope with >> that issue as well. > > Why do you consider this a "replay problem" when there is no replay > involved? This is a replay problem otherwise the MailFrom path would _not_ be involved. There is _nothing_ to even suggest Earthlink transmitted the message to the server bouncing the message. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 11:36:45 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7CKz-0000Hs-Ia for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 11:36:45 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7CKv-0000Sl-60 for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 11:36:45 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67FYNvR029269; Sat, 7 Jul 2007 08:34:30 -0700 Received: from m.wordtothewise.com (fruitbat.wordtothewise.com [208.187.80.135]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67FYDMC029217 for ; Sat, 7 Jul 2007 08:34:13 -0700 Received: from [10.3.2.25] (184.wordtothewise.com [208.187.80.184]) by m.wordtothewise.com (Postfix) with ESMTP id 26D5080100 for ; Sat, 7 Jul 2007 08:34:21 -0700 (PDT) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <468EF2D9.9040406@dcrocker.net> References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> <468EF2D9.9040406@dcrocker.net> Content-Type: text/plain; charset=ISO-8859-1; delsp=yes; format=flowed Message-Id: <914A44BE-D737-48A9-821F-D36FA9B114D5@blighty.com> From: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Sat, 7 Jul 2007 08:34:16 -0700 To: DKIM WG X-Mailer: Apple Mail (2.752.3) X-Songbird: Clean, Clean X-MIME-Autoconverted: from quoted-printable to 8bit by sb7.songbird.com id l67FYDMC029217 X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by sb7.songbird.com id l67FYNvR029269 X-Spam-Score: 0.0 (/) X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2 On Jul 6, 2007, at 6:56 PM, Dave Crocker wrote: > > > Steve Atkins wrote: >>> so, perhaps, an SSP record by the signing domain that says =20 >>> MailFrom is valid? >> Possibly. What's the problem you're trying to solve? > > I really hate it when people ask pragmatic questions like that. I =20 > mean, really Steve, didn't you know that value propositions are =20 > soooo pas=E9? > > But I suppose I have to answer it: > > I'm about to generate a bounce-category message. If I'm suspicious =20 > enough of the original message, I might decide not to. By way of =20 > trying to squelch bad bounce traffic at its source. > > Given the DKIM sig and the "Return" SSP record, I'll generate it =20 > since the return address domain has said it's valid. Wouldn't you be better looking at the i=3D tag in the DKIM-Signature =20 header, anyway? Cheers, Steve _______________________________________________ NOTE WELL: This list operates according to=20 http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 11:45:19 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7CTH-0005mn-Gi for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 11:45:19 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7CTD-00013j-3t for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 11:45:19 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67FiOYn031058; Sat, 7 Jul 2007 08:44:25 -0700 Received: from [192.168.0.3] (ppp-68-120-198-72.dsl.pltn13.pacbell.net [68.120.198.72]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67FiHhg031013 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 7 Jul 2007 08:44:17 -0700 Message-ID: <468FB483.5060609@dcrocker.net> Date: Sat, 07 Jul 2007 08:42:59 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: Steve Atkins Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> <468EF2D9.9040406@dcrocker.net> <914A44BE-D737-48A9-821F-D36FA9B114D5@blighty.com> In-Reply-To: <914A44BE-D737-48A9-821F-D36FA9B114D5@blighty.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 52e1467c2184c31006318542db5614d5 Steve Atkins wrote: >> Given the DKIM sig and the "Return" SSP record, I'll generate it since >> the return address domain has said it's valid. > > Wouldn't you be better looking at the i= tag in the DKIM-Signature > header, anyway? Since it's optional, I hadn't thought to rely on it. Since it's intent is different, I'd be concerned about *requiring* i= as the sole means for resolving this. That said, if the i= is present AND it matches the rfc2821.MailFrom, then it does indeed seem like it closes the hole that you observed. So the Bounce SSP record would only be needed if the domains matched and there were no i=. The implied question that John L. raises -- squelch at source vs. squelch at destination -- is entirely valid. I think it boils down to: Is it worth the administrative, operational and computational overhead of this extra mechanism to prevent generation of specious bounces? d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 12:39:20 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7DJY-0001P2-06 for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 12:39:20 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7DJT-00067G-Ga for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 12:39:19 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67GbBbH008423; Sat, 7 Jul 2007 09:37:16 -0700 Received: from winserver.com (ntbbs.winserver.com [208.247.131.9]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67GapJt008372 for ; Sat, 7 Jul 2007 09:36:51 -0700 Received: by winserver.com (Wildcat! SMTP Router v6.2.452.2) for ietf-dkim@mipassoc.org; Sat, 07 Jul 2007 12:36:50 -0400 Received: from hdev1 ([72.144.191.45]) by winserver.com (Wildcat! SMTP v6.2.452.2) with ESMTP id 2164882079; Sat, 07 Jul 2007 12:36:49 -0400 Message-ID: <468FC118.2090101@santronics.com> Date: Sat, 07 Jul 2007 12:36:40 -0400 From: Hector Santos Organization: Santronics Software, Inc. User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: dcrocker@bbiw.net Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> In-Reply-To: <468ED9B3.8070602@dcrocker.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Cc: ietf-dkim@mipassoc.org X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.2 (/) X-Scan-Signature: f60d0f7806b0c40781eee6b9cd0b2135 Dave Crocker wrote: > Folks, > > I'm not sure whether this fits into SSP or not, since it does not seem > to require that a record be published. However... > > It seems to me that if a message has a DKIM signature and the signing > domain matches the domain in the rfc2821.MailFrom command, then it is > safe to generate a bounce message to that address. > > By 'safe' I mean that one can be confident that the mail will not go to > an unwitting victim of a spoofed address. > > Am I missing something? Two things: 1) Of course, 2821.MAIL FROM is not 2822.FROM, 2) BOUNCE is for non-deliverables, not "non authenticated messages." We should be careful to mix bounce semantics. We have the possible technical logic: A - Message Deliverable Status (1, 0) B - Message Authentication Status (1, 0, ?) That gives you 6 possible scenarios: A1, B1 --> PERFECT WORLD! A1, B0 --> DROP, BOUNCE DOES NOT APPLY A1, B? --> DROP MAYBE?, BOUNCE DOES NOT APPLY A0, B1 --> DKIM DOES NOT APPLY, MSG NOT DELIVERABLE -> BOUNCE A0, B0 --> DKIM DOES NOT APPLY, MSG NOT DELIVERABLE -> BOUNCE A0, B? --> DKIM DOES NOT APPLY, MSG NOT DELIVERABLE -> BOUNCE Maybe you thinking DKIM STATUS REPORTING feedback concept? In my book, RFC2822 is a 2nd stage consideration. 2821 comes first and for systems doing 2821 level successful checks, the BOUNCE is considered "USEABLE." In other words, in order to avoid bounce attacks, the 2821 system has to do its checks outside of 2822 considerations such as DKIM. This might include SSP checking before the message is ACCEPTED at the DATA level, and the only type of SSP you should check for is for your basic SSP/DKIM violations as described in DSAP. - NO-MAIL EXPECTATION - NO SIGNATURE EXPECTED/BUT MSG IS SIGNED - SIGNATURE EXPECTED/BUT MSG IS NOT SIGNED DKIM validation is not required. This is what we are doing in our products, and in fact, are currently adding the logic to our List Server where it does some rudimentary subscription DKIM POLICY checks. -- Sincerely Hector Santos, CTO http://www.santronics.com http://santronics.blogspot.com _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 13:34:54 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7EBI-0006TT-Al for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 13:34:53 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7EBD-0002GW-Tv for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 13:34:52 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67HXl4O019415; Sat, 7 Jul 2007 10:33:47 -0700 Received: from fugu.mtcc.com (mtcc.com [64.142.29.208]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67HXck1019360 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Sat, 7 Jul 2007 10:33:38 -0700 Received: from [192.168.0.101] (sj-natpool-220.cisco.com [128.107.248.220]) (authenticated bits=0) by fugu.mtcc.com (8.13.8/8.13.8) with ESMTP id l67HXaU9026454 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 7 Jul 2007 10:33:44 -0700 Message-ID: <468FCF5A.5030101@mtcc.com> Date: Sat, 07 Jul 2007 10:37:30 -0700 From: Michael Thomas User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8.0.12) Gecko/20070509 Thunderbird/1.5.0.12 Mnenhy/0.7.5.666 MIME-Version: 1.0 To: dcrocker@bbiw.net Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> <468EF2D9.9040406@dcrocker.net> <914A44BE-D737-48A9-821F-D36FA9B114D5@blighty.com> <468FB483.5060609@dcrocker.net> In-Reply-To: <468FB483.5060609@dcrocker.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Authentication-Results: fugu.mtcc.com; header.From=mike@mtcc.com; dkim=neutral ( ssp=~; ); X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: bb8f917bb6b8da28fc948aeffb74aa17 Dave Crocker wrote: > > > Steve Atkins wrote: >>> Given the DKIM sig and the "Return" SSP record, I'll generate it >>> since the return address domain has said it's valid. >> >> Wouldn't you be better looking at the i= tag in the DKIM-Signature >> header, anyway? > > > Since it's optional, I hadn't thought to rely on it. > > Since it's intent is different, I'd be concerned about *requiring* i= > as the sole means for resolving this. > > That said, if the i= is present AND it matches the rfc2821.MailFrom, > then it does indeed seem like it closes the hole that you observed. > > So the Bounce SSP record would only be needed if the domains matched > and there were no i=. > > The implied question that John L. raises -- squelch at source vs. > squelch at destination -- is entirely valid. I think it boils down > to: Is it worth the administrative, operational and computational > overhead of this extra mechanism to prevent generation of specious > bounces? An interesting side effect is that it would also suppress bounce messages from mailing lists, even if they resigned. I'm not sure if this is a feature or a bug. Mike _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 13:58:03 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7EXj-00083i-1m for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 13:58:03 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7EXe-000352-LQ for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 13:58:03 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67HvKX4024106; Sat, 7 Jul 2007 10:57:25 -0700 Received: from [192.168.0.3] (ppp-68-120-198-72.dsl.pltn13.pacbell.net [68.120.198.72]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67HvFC1024084 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 7 Jul 2007 10:57:15 -0700 Message-ID: <468FD3AD.6060508@dcrocker.net> Date: Sat, 07 Jul 2007 10:55:57 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: Michael Thomas Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> <468EF2D9.9040406@dcrocker.net> <914A44BE-D737-48A9-821F-D36FA9B114D5@blighty.com> <468FB483.5060609@dcrocker.net> <468FCF5A.5030101@mtcc.com> In-Reply-To: <468FCF5A.5030101@mtcc.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 7655788c23eb79e336f5f8ba8bce7906 Michael Thomas wrote: > An interesting side effect is that it would also suppress bounce messages > from mailing lists, even if they resigned. I'm not sure if this is a > feature or a bug. I think that that will depend entirely on the way the SSP record is defined, much like the constraints on rfc2821.From values that are being discussed. So, yeah, if the SSP associated with the MailFrom says "rfc2821.MailFrom" must match a DKIM signature, or somesuch, then a mailing list that inserts its own MailFrom, without adding its own signature, could break bounces. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 17:07:58 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7HVW-0002xO-IR for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 17:07:58 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7HVS-0007ai-5Y for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 17:07:58 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67L5rZI029771; Sat, 7 Jul 2007 14:06:07 -0700 Received: from mailout00.controlledmail.com (mailout00.controlledmail.com [72.81.252.19]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67L5kbH029688 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 7 Jul 2007 14:05:47 -0700 Received: from mailout00.controlledmail.com (localhost [127.0.0.1]) by mailout00.controlledmail.com (Postfix) with ESMTP id 814CF5CC153 for ; Sat, 7 Jul 2007 21:05:50 +0000 (UTC) Received: from [192.168.111.102] (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by mailout00.controlledmail.com (Postfix) with ESMTP id 70B665CC12C for ; Sat, 7 Jul 2007 21:05:50 +0000 (UTC) From: Scott Kitterman To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Sat, 7 Jul 2007 17:05:48 -0400 User-Agent: KMail/1.9.5 References: <468ED9B3.8070602@dcrocker.net> In-Reply-To: <468ED9B3.8070602@dcrocker.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200707071705.48160.ietf-dkim@kitterman.com> X-AV-Checked: ClamAV using ClamSMTP X-Songbird: Clean, Clean X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 9466e0365fc95844abaf7c3f15a05c7d On Friday 06 July 2007 20:09, Dave Crocker wrote: > Folks, > > I'm not sure whether this fits into SSP or not, since it does not seem to > require that a record be published. However... > > It seems to me that if a message has a DKIM signature and the signing > domain matches the domain in the rfc2821.MailFrom command, then it is safe > to generate a bounce message to that address. > > By 'safe' I mean that one can be confident that the mail will not go to an > unwitting victim of a spoofed address. victim/domain yes. > Am I missing something? > > d/ I'm sure the protocol police would be out in force as this is a layer violation, but I expect if limited to the case where 2821 Mail From domain is the same as the signing domain it would likely be reasonably effective. SPF Pass would (if available) give you the same or better confidence. Scott K _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sat Jul 07 17:10:30 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7HXx-00051g-W4 for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 17:10:29 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7HXt-0007on-Iq for ietf-dkim-archive@lists.ietf.org; Sat, 07 Jul 2007 17:10:29 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67L9mMZ030616; Sat, 7 Jul 2007 14:09:48 -0700 Received: from harry.mail-abuse.org (Harry.Mail-Abuse.ORG [168.61.5.27]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l67L9cLd030545 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sat, 7 Jul 2007 14:09:38 -0700 Received: from [IPv6:::1] (gateway1.sjc.mail-abuse.org [168.61.5.81]) by harry.mail-abuse.org (Postfix) with ESMTP id 56D124142A; Sat, 7 Jul 2007 14:09:46 -0700 (PDT) In-Reply-To: <468FD3AD.6060508@dcrocker.net> References: <468ED9B3.8070602@dcrocker.net> <468EDEAA.5080501@dcrocker.net> <1B5A8E59-0ED1-4960-BB08-65CD35214A77@blighty.com> <468EF2D9.9040406@dcrocker.net> <914A44BE-D737-48A9-821F-D36FA9B114D5@blighty.com> <468FB483.5060609@dcrocker.net> <468FCF5A.5030101@mtcc.com> <468FD3AD.6060508@dcrocker.net> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <2A0E8DCA-E5A8-4F32-BED6-4E4C337B8122@mail-abuse.org> Content-Transfer-Encoding: 7bit From: Douglas Otis Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? Date: Sat, 7 Jul 2007 14:10:18 -0700 To: dcrocker@bbiw.net X-Mailer: Apple Mail (2.752.2) X-Songbird: Clean, Clean Cc: DKIM WG X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb On Jul 7, 2007, at 10:55 AM, Dave Crocker wrote: > > > Michael Thomas wrote: >> An interesting side effect is that it would also suppress bounce >> messages from mailing lists, even if they resigned. I'm not sure >> if this is a feature or a bug. > > I think that that will depend entirely on the way the SSP record is > defined, much like the constraints on rfc2821.From values that are > being discussed. > > So, yeah, if the SSP associated with the MailFrom says > "rfc2821.MailFrom" must match a DKIM signature, or somesuch, then a > mailing list that inserts its own MailFrom, without adding its own > signature, could break bounces. What is lacking is a defined strategy to deal with possible replay abuse. It could be assumed a signing domain has some strategy to handle replay abuse originating within their own domain. This replay abuse can result from MailFrom bounces, or from forwarded messages. Traffic from mailing lists will require exceptional handling, especially when the message signature has not been invalidated. BATV will not help when a message passes through a mailing list. BATV must also restrict where messages are allowed to originate to those outbound servers sharing the encoding secret. Avoiding the initiation of a bounce independent of whether some email- address matches that of the MailFrom, would be to note whether the SMTP client was within the signing domain. When the SMTP client is within the signing domain, the chance of a message being a replay diminishes greatly. This would not require any email-address contained within the message to match that of the signing domain. -Doug _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sun Jul 08 12:33:10 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7Zh8-0002kF-M0 for ietf-dkim-archive@lists.ietf.org; Sun, 08 Jul 2007 12:33:10 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7Zh4-0008TV-9h for ietf-dkim-archive@lists.ietf.org; Sun, 08 Jul 2007 12:33:10 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l68GVATC005720; Sun, 8 Jul 2007 09:31:15 -0700 Received: from gal.iecc.com (gal.iecc.com [208.31.42.53]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l68GURvF005569 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Sun, 8 Jul 2007 09:30:28 -0700 Received: (qmail 99681 invoked from network); 8 Jul 2007 16:30:35 -0000 Received: from mail1.iecc.com (208.31.42.56) by mail1.iecc.com with QMQP; 8 Jul 2007 16:30:35 -0000 Date: 8 Jul 2007 16:30:35 -0000 Message-ID: <20070708163035.9409.qmail@simone.iecc.com> From: John Levine To: ietf-dkim@mipassoc.org Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? In-Reply-To: <468FD3AD.6060508@dcrocker.net> Organization: Mime-Version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit X-Songbird: Clean, Clean Cc: dcrocker@bbiw.net X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: -0.1 (/) X-Scan-Signature: de4f315c9369b71d7dd5909b42224370 >> An interesting side effect is that it would also suppress bounce messages >> from mailing lists, even if they resigned. I'm not sure if this is a >> feature or a bug. >So, yeah, if the SSP associated with the MailFrom says >"rfc2821.MailFrom" must match a DKIM signature, or somesuch, then a >mailing list that inserts its own MailFrom, without adding its own >signature, could break bounces. I wouldn't worry too much about that scenario, since if anyone sets that flag, everyone will be throwing away his mailing list mail anyway. R's, John _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sun Jul 08 14:20:12 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7bMh-00067v-RR for ietf-dkim-archive@lists.ietf.org; Sun, 08 Jul 2007 14:20:11 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7bMd-0002oq-Et for ietf-dkim-archive@lists.ietf.org; Sun, 08 Jul 2007 14:20:11 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l68IIaSh026694; Sun, 8 Jul 2007 11:18:46 -0700 Received: from [192.168.0.3] (ppp-67-124-90-112.dsl.pltn13.pacbell.net [67.124.90.112]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l68IIRFv026661 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 8 Jul 2007 11:18:27 -0700 Message-ID: <46912A23.5050105@dcrocker.net> Date: Sun, 08 Jul 2007 11:17:07 -0700 From: Dave Crocker Organization: Brandenburg InternetWorking User-Agent: Thunderbird 2.0.0.4 (Windows/20070604) MIME-Version: 1.0 To: John Levine Subject: Re: [ietf-dkim] DKIM signature can mean it's safe to generate bounce? References: <20070708163035.9409.qmail@simone.iecc.com> In-Reply-To: <20070708163035.9409.qmail@simone.iecc.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Songbird: Clean, Clean Cc: ietf-dkim@mipassoc.org X-BeenThere: ietf-dkim@mipassoc.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dcrocker@bbiw.net List-Id: IETF DKIM Discussion List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ietf-dkim-bounces@mipassoc.org Errors-To: ietf-dkim-bounces@mipassoc.org X-SongbirdInformation: support@songbird.com for more information X-Songbird-From: ietf-dkim-bounces@mipassoc.org X-Spam-Score: 0.0 (/) X-Scan-Signature: 0bc60ec82efc80c84b8d02f4b0e4de22 John Levine wrote: >>> An interesting side effect is that it would also suppress bounce messages >>> from mailing lists, even if they resigned. I'm not sure if this is a >>> feature or a bug. > >> So, yeah, if the SSP associated with the MailFrom says >> "rfc2821.MailFrom" must match a DKIM signature, or somesuch, then a >> mailing list that inserts its own MailFrom, without adding its own >> signature, could break bounces. > > I wouldn't worry too much about that scenario, since if anyone sets that > flag, everyone will be throwing away his mailing list mail anyway. I think this depends upon the definition of 'this flag' and what range of assertions is permits. If it is a one-bit flag, then you are no-doubt correct. d/ -- Dave Crocker Brandenburg InternetWorking bbiw.net _______________________________________________ NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html From ietf-dkim-bounces@mipassoc.org Sun Jul 08 14:45:01 2007 Return-path: Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1I7bkj-0002NH-FU for ietf-dkim-archive@lists.ietf.org; Sun, 08 Jul 2007 14:45:01 -0400 Received: from sb7.songbird.com ([208.184.79.137]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1I7bkf-0003Gz-1c for ietf-dkim-archive@lists.ietf.org; Sun, 08 Jul 2007 14:45:01 -0400 Received: from sb7.songbird.com (sb7.songbird.com [127.0.0.1]) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l68IhlZ4031825; Sun, 8 Jul 2007 11:43:48 -0700 Received: from [192.168.0.3] (ppp-67-124-90-112.dsl.pltn13.pacbell.net [67.124.90.112]) (authenticated bits=0) by sb7.songbird.com (8.12.11.20060308/8.12.11) with ESMTP id l68IheQr031798 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for