Re: Withdraw of [rt.amsl.com #13277]: Authentication-Results Header Field Appeal

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Feb 25, 2009, at 11:42 PM, Murray S. Kucherawy wrote:

Doug,

On Wed, 25 Feb 2009 00:10:21 -0800, Doug Otis wrote:
The Sender-Header-Auth draft clouds what should be clear and concise concepts. Organizations like Google have already remedied many of the security concerns through inclusion of free form comments.

For the sake of being thorough, I looked into this. A lead mail engineer at Gmail (I assume you're referencing Gmail and not Google's internal mail) tells me their inclusion of the relaying IP address as a comment in their Authentication-Results header fields has nothing to do with any sort of remedy in reference to any concerns they have about the specification. It is for use by some other internal processes (which he was not at liberty to discuss further).

This overlooks their claim that SMTP client IP address information is useful, even for undisclosed reasons. Even as a comment, it confirms IP addresses found elsewhere using regex as a remedy for defeating spoofed headers holding bogus IP addresses.

Since you cited a plurality, do you have any other specific examples?

Unfortunately other major DKIM provider Yahoo! does not offer this feature. Is your question seems aimed at ensuring the ESP wagons are fully circled? The draft omits information that is essential for checking whether a message source represents that of a NAT, for example. This is not about whether to accept a message, which might be where the reputation of the domain would matters, this is about determining whether the *authorized* client is known to protect message elements used to reference the authorizations. The Authentication-Results header is not about which messages are to be rejected, this header is about what results are safe to annotate.

-Doug
_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]