GNOME.org
 

Re: [tcamp agari com: Re: dmarc visibility]

Hello again Tobi,

after evaluating Agari's proposed product I feel their offer is not in
the interest of the GNOME Infrastructure for various reason both
technical and ethical:

1. we try to rely on FOSS on every single piece of our infrastructure
and Agari's product are not compliant to that
2. we don't want our e-mails to be monitored by third parties in any way
3. our setup prevents us to make use of DMARC (in its form of SPF and
DKIM records) as we don't store mailboxes on our servers nor offer a
relaying smtp server for @gnome.org e-mail owners. Introducing SPF and
DKIM records would mean preventing any @gnome.org e-mail owner to send
an e-mail with that From: header from a server which is not the one
specified on the above records which will result in a mass refusal of
every single e-mail being sent from servers != from smtp.gnome.org

Please thank Agari for their generous offer and thanks for taking the
time to forward their proposal to us for a review.

2014-12-03 18:55 GMT+01:00 Andrea Veri <av gnome org>:

Thanks Tobi for forwarding it, I'll have a look at the spec in the
coming days and provide a reply.


cheers,

2014-12-03 18:35 GMT+01:00 Tobias Mueller <muelli cryptobitch de>:

Hi.

If this offer is interesting, let me know, and I can follow up.

Cheers,
  Tobi


---------- Messaggio inoltrato ----------
From: Tomki Camp <tcamp agari com>
To: Tobias Mueller <muelli cryptobitch de>, Olav Vitters <olav vitters nl>
Cc: <security gnome org>, <board gnome org>
Date: Mon, 24 Nov 2014 07:54:06 -0800
Subject: Re: dmarc visibility
Sure.  Very briefly, the benefit of DMARC is in allowing you to see who is
sending email making use of your domain(s) in the RFC 5322.From header,
and whether they are passing SPF and/or DKIM authentication.
Some participating email receivers this visibility comes from: AOL, Yahoo,
Microsoft, Gmail, Comcast, Netease, Mail.RU

There is an optional policy enforcement portion to the DMARC advertisement
as well, if a domain owner decides that their fraud problem is great
enough, and the authentication on the domain is complete enough.

A basic monitor-only DMARC record is a TXT record in DNS of this form:
gnome.org  TXT  "v=DMARC1; p=none; rua=mailto:gnome rua agari com;
ruf=mailto:gnome ruf agari com;fo=1”

The spec:
https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1

regards,
—Tomki


-----Original Message-----
From: Tobias Mueller <muelli cryptobitch de>
Date: Monday, November 24, 2014 at 05:29
To: Olav Vitters <olav vitters nl>
Cc: Tomki Camp <tcamp agari com>, <security gnome org>, <board gnome org>
Subject: Re: dmarc visibility


Hi.

On Thu, Nov 13, 2014 at 10:29:38AM +0100, Olav Vitters wrote:

On Thu, Nov 13, 2014 at 12:16:18AM -0800, Tomki Camp wrote:

I would like to offer Gnome a free (for at least 6 months, and longer

if I

am allowed to provide it) account on Agari for you to make use of our

tools

for DMARC data digestion and views.
[...]

This is more for the board to answer. I've added them in cc. Fully
quoting your email for that reason.

I don't understand what this service is.

I guess it's up to our infrstructure people to decide whether it's useful
for us.

Cheers,
 Tobi




_______________________________________________
gnome-infrastructure mailing list
gnome-infrastructure gnome org
https://mail.gnome.org/mailman/listinfo/gnome-infrastructure




--
Cheers,

Andrea

Debian Developer,
Fedora / EPEL packager,
GNOME Infrastructure Team Coordinator,
GNOME Foundation Board of Directors Secretary,
GNOME Foundation Membership & Elections Committee Chairman

Homepage: http://www.gnome.org/~av




-- 
Cheers,

Andrea

Debian Developer,
Fedora / EPEL packager,
GNOME Infrastructure Team Coordinator,
GNOME Foundation Board of Directors Secretary,
GNOME Foundation Membership & Elections Committee Chairman

Homepage: http://www.gnome.org/~av
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]