Re: New email address

From: José Luis Tallón <jltallon(at)adv-solutions(dot)net>
To: Greg Stark <stark(at)mit(dot)edu>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>, Magnus Hagander <magnus(at)hagander(dot)net>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Michael Paquier <michael(dot)paquier(at)gmail(dot)com>, Kevin Grittner <kgrittn(at)gmail(dot)com>
Subject: Re: New email address
Date: 2015-11-26 23:13:45
Message-ID: 56579229.6030306@adv-solutions.net
Lists: pgsql-hackers

On 11/26/2015 09:12 PM, Greg Stark wrote:
> On Wed, Nov 25, 2015 at 6:55 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>>> But my point was that while the RFC says what to put there there's
>>> absolutely no reference anywhere for when the information should cause
>>> any MUA or MTA to behave differently.
>> Agreed. To my mind that's a reason why Sender should not be DKIM-signed.
>> Unfortunately, RFC 6376 explicitly suggests doing so ... and it looks like
>> some people are taking that advice.
> Hm, I see it as a reason why signing Sender is reasonable. If it were
> a functional header then there might be a reason it would have to be
> changed. But if it's purely informational and the receiving MUA is
> going to display to the user (which is a bad idea imho but Gmail and
> Exchange both do it) then it makes sense to expect some authentication
> for it. I think the thinking is basically "sign everything we're going
> to present to the user phishers can't claim to be someone they're
> not". In which case it's fairly important that things like Sender be
> signed. Or that everyone agree it's just a useless header and stop
> sending or displaying it.

From DMARC.org's Wiki:
<<<
2 Add an "Original Authentication Results" header to indicate you have performed the authentication and you are validating it
3 Take ownership of the email, by removing the DKIM signature and putting your own as well as changing the from header in the email to contain an email address within your mailing list domain.
>>>

Read elsewhere: "To allow for forwarding scenarios, DMARC also allows
the *Display From* to be cryptographically signed by DKIM, and if any
unauthorized spammer or phisher were to attempt to assume that identity,
the encryption would fail."

> I don't think we should base any action on guesses of what Gmail does.
> Google may do something we don't expect that's more complex to work
> around the problem. For one thing you can have email addresses at
> Google from a number of domains so they may well be able to have more
> than one policy for different users.
Yep
> I would suggest we stop doing things that are obviously incompatible
> with DKIM -- header and body munging for example. And I suspect we can
> stop touching Sender without any ill effects too.
>
> One idea might be to add a script to check a user's domain for
> p=reject and send them a warning when subscribing (or sending mail to
> the list?) warning them of the problem.
Definitely worth the effort, unless an almost perfect solution is found :S

/ J.L.
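
Added example, not part of the original message or of the PostgreSQL list software: a sketch of the subscription-time check suggested in the quoted text above, flagging addresses whose domain publishes p=reject. It goes slightly beyond the thread by also honoring sp= from the organizational domain; the DNS lookup is a stub over constructed TXT records, and the organizational domain is supplied by the caller (deriving it requires the Public Suffix List).

```python
# Added example: DMARC policy check for a subscriber's address.
# `lookup(name)` stands in for a real DNS TXT query and returns a list of strings.

SAMPLE_ZONE = {  # constructed records, not real DNS data
    "_dmarc.strict.example": ["v=DMARC1; p=reject; rua=mailto:agg@strict.example"],
    "_dmarc.corp.example": ["v=DMARC1; p=none; sp=reject"],
    "_dmarc.relaxed.example": ["v=spf1 -all", "v=DMARC1; p=none"],
}

def sample_lookup(name):
    return SAMPLE_ZONE.get(name.lower(), [])

def parse_dmarc(txt):
    """Return a tag dict for a DMARC TXT string, or None if it is not one."""
    # RFC 7489: the first tag must be exactly v=DMARC1.
    if txt.split(";", 1)[0].replace(" ", "") != "v=DMARC1":
        return None
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip().lower()] = value.strip()
    return tags

def dmarc_records(name, lookup):
    return [r for r in map(parse_dmarc, lookup(name)) if r is not None]

def effective_policy(domain, org_domain, lookup):
    """Policy that receivers would apply to mail with From: <user>@domain."""
    recs = dmarc_records("_dmarc." + domain, lookup)
    from_org = False
    if not recs and domain != org_domain:
        # No record at the exact domain: fall back to the organizational domain.
        recs = dmarc_records("_dmarc." + org_domain, lookup)
        from_org = True
    if len(recs) != 1:
        return "none"  # no record, or several: DMARC is not applied
    rec = recs[0]
    # sp= governs subdomains when the record was found at the organizational domain.
    policy = rec.get("sp", rec.get("p")) if from_org else rec.get("p")
    return (policy or "none").lower()

def needs_warning(address, org_domain, lookup=sample_lookup):
    """True when list mail from this address is likely to be rejected after munging."""
    domain = address.rsplit("@", 1)[1].lower()
    return effective_policy(domain, org_domain, lookup) == "reject"
```

In production, `lookup` would be replaced by a resolver query, and the result would be re-checked periodically since domains change their policy after subscribing.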
