[dmarc-discuss] DMARC thwarted already?

Terry Zink tzink at exchange.microsoft.com
Thu Jun 5 17:10:44 PDT 2014


> You could just show the domain in green on the MUA, to show that
> this email is successfully DMARC authenticated by the domain and the
> domain has strong DMARC policies (p=reject). I feel it should show the
> UTF8 version as well as the punycode version....
>
> No need of a CA.

If this were done then what is stopping me, as a spammer, from registering 1inkedin.com (or something similar to another high profile target), and then setting up DKIM and DMARC? If I send a malicious email, it would get highlighted the same as a message from linkedin.com. That's not what we want when it comes to highlighting messages; we are looking for the senders that we trust, not merely the senders that authenticate.

-- Terry

From: Franck Martin [mailto:fmartin at linkedin.com]
Sent: Thursday, June 5, 2014 5:00 PM
To: Terry Zink
Cc: dmarc-discuss at dmarc.org
Subject: Re: [dmarc-discuss] DMARC thwarted already?


On Jun 5, 2014, at 4:22 PM, Terry Zink via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:


Doesn't this come back to the whitelist idea? For the green bar SSL certs (Extended Validation), the certs have a bunch of information encoded in them, and the browsers have a list of CAs that they trust. AFAIK, the only way to do that for email is through DKIM but you wouldn't highlight all DKIM-signed email, only DKIM-signed email that you trust which is compared against a whitelist.

-- Terry

You could just show the domain in green on the MUA, to show that this email is successfully DMARC authenticated by the domain and the domain has strong DMARC policies (p=reject). I feel it should show the UTF8 version as well as the punycode version....

No need of a CA.

Spammers could use DMARC too, but it is about authentication/attribution not about reputation.

It seems to me the DMARC spec should contain strong advice to MUAs. MUA developers do read RFCs, otherwise they would never have done POP/IMAP...

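Added example, not part of the thread or any participant's code: a sketch of the MUA indicator decision the two posts disagree on, separating "DMARC pass with p=reject" (attribution) from "on a trusted list" (reputation), and flagging an authenticated domain that imitates a trusted one. The allowlist, the small confusable map, the sample headers and the assumption that the receiver records the policy as a `(p=...)` comment in Authentication-Results are all constructed for illustration.

```python
import re

# Hypothetical allowlist of senders the mailbox provider has chosen to trust.
TRUSTED = {"linkedin.com"}
# Tiny illustrative confusable map; a real client would use Unicode UTS #39 data.
CONFUSABLE = str.maketrans({"1": "l", "0": "o", "5": "s"})

def skeleton(domain):
    """Fold visually confusable characters so lookalikes compare equal."""
    return domain.lower().translate(CONFUSABLE)

def display_forms(domain):
    """Return (Unicode form, punycode form) so the MUA can show both."""
    ascii_form = domain.encode("idna").decode("ascii")
    return ascii_form.encode("ascii").decode("idna"), ascii_form

def parse_auth_results(header):
    """Extract the DMARC result, published policy and header.from domain."""
    result = re.search(r"\bdmarc=(\w+)", header)
    policy = re.search(r"\bp=(\w+)", header)
    domain = re.search(r"\bheader\.from=([^\s;]+)", header)
    return (result.group(1).lower() if result else "none",
            policy.group(1).lower() if policy else "none",
            domain.group(1).lower() if domain else "")

def highlight(header, trusted=TRUSTED):
    """Decide which indicator the MUA shows for one message."""
    result, policy, domain = parse_auth_results(header)
    if result != "pass" or policy != "reject" or not domain:
        return "none"
    if domain in trusted:
        return "trusted"        # authenticated and on the allowlist
    if any(skeleton(domain) == skeleton(good) for good in trusted):
        return "lookalike"      # authenticated, but imitates a trusted name
    return "authenticated"      # attribution only, no trust signal

if __name__ == "__main__":
    # Constructed sample Authentication-Results values.
    for dom in ("linkedin.com", "1inkedin.com", "example.org"):
        hdr = f"mx.example; dmarc=pass (p=REJECT) header.from={dom}"
        print(display_forms(dom), highlight(hdr))
```
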