[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Incomplete DMARC mangling on the list (was: Re: The spiped Docker image)

To: spiped@tarsnap.com
Subject: Incomplete DMARC mangling on the list (was: Re: The spiped Docker image)
From: Tim Düsterhus <tim@bastelstu.be>
Date: Thu, 9 Apr 2020 22:45:25 +0200
Autocrypt: addr=tim@bastelstu.be; prefer-encrypt=mutual; keydata= mQGiBEp4RjERBADS2mpyB7QAFM2JbgCNMbhxOCCvwm4uakKOaL8Csjb3ZyEFxs4e6pxCikJX U3ZxByA5tPv5C6RnSdizx7D/5Xj1W+DsYGRj9cSj+TKaIeZgyFi8V1jGMd42cvn4X8YXnu5W DZFwClOdS+cN8EgnrW+5l/HK8OxixiSctD1dorzIQwCgnZX+oW7O+IErYRKWPGEd8DVh/kUD /RvL7qH/q0oPYVzQ+aLyQLoMd38bcMfeHK0Ays6z7yZWomngznRtfqxD6RNnRQbfytmlRIka 7MB+dkn+In3d6h5wAZFxLCHRk/Gn53+Ddxs9/Lb+kDlSHLQ23vZOBWiEpJ5++qOV9E5TOLhP W47D2cnHSyzQiFoif/q3Aiqj20diA/0Ss/fB1eOV6gNaMPbFfPMDvGslAe5x5qb0ZmlUSAKN xlqB2jDD3mXQqVP2Qxtjt6xOuCu0MzxPhBoGN6nyxkIgpPKWDDRGEcQfcZPJfq/nZ+Jyh+SV la3bLIRfDQ0+fuHQ4UeRdCmZ7738WWBel5iOhk6hvdOtMtwRN5T0qp7qoLQoVGltIETDvHN0 ZXJodXMgPHRpbXdvbGxhQGdvb2dsZW1haWwuY29tPohlBBMRAgAlAhsjBgsJCAcDAgYVCAIJ CgsEFgIDAQIeAQIXgAUCTJtYowIZAQAKCRBXjoZ92bSMeNh1AJ9WWlpzeAYbrebYxQ6e57MH R/GQ8gCeK9dSiK+Rjg1xD8dESdL46WIFVO25Ag0ESnhGMRAIAOh1hkQU+rfEdNp1Rc7rZ+Ts yCc2UF1/lN76ElVAHbAmymfIuUqUBNtwoGrTgnTFO2PwD6LJOj4B7m6hNCtf175nT03ibQ2R JZAG28Qz/xe5gY8F5gctCZ9u2j7iO/a9t54byKUauGWgSaW3pQQzmw12Y6Sp/uWmuDznDOum GTFgSEZlWhDtDqSNeolk5pBTUcwZwYDJRpqtsCkrlhgX4gBekd8MxitCe8QPfNNId52NpVfN +Nlz67HQwDEIvFGUTG0cJD7Gj/tESSbs1CKWiY0W3pElDp5tLMjiDpCUfx6rchUDW6/fStXY jTRi8UIy3TQEKpjmZM2OANePACS41hsAAwUIAMFR5eo1jTBH0E9T9wFSQ9PSow2EOp1d2ps3 hHqps37JhL7Vt45f1AeoUrDtOdfsVeCG+sx5Dp/0aeqZwmmUtTPc4GVvwngsN7Hy2jajkL8m zODOtKjMkZS3gNPhKoLYi77/h7uxSU6fUXJpHZU8V76xopFMNR/Jdz+GE1H0Vr6ATn3Z8ru4 IcC5rm09VxxBYWccm5Q8Hqx3yKG6sr4gkidnAfmCOsGsoNDk4J3QUtBHsuLkhVfktfqUvRPq c3ovBZqv7eMyvCyua2zKA+hC/nMLZLZERMgq6FXTAlLdPW3GxpEqYGkuSS3oO2zDBUVK2+cx 6sEMonVpE82AdirIYp+ISQQYEQIACQUCSnhGMQIbDAAKCRBXjoZ92bSMeIkYAJ9D83PUFmJN L3akxujHleQTfD4W0gCfU9AHzHHm11IiXbBDJr5+eyS9N365BK4ETimSexEMAK924914/ROk DrGKaGSarkA5uTpwfE7gpf7vc02bdoCaEafNwQiVKiPc6EQXhWrNcaE/X8qQ/Kw43HlB3W8e 3kv1nUCKNk1YC1sydz8EgFMnpR69c42XPfx9u8dxWrxG+8mB/NcB2nPU9+Qos36tEhRkQ4BS CP9gzJURphKOOwiRkc0b7Myl/KqvwWe1Un8bJvBrzm6O0ZC8TbcvJwfmjzTyit6oYj8Y+y06 Hxwo8BlatATotatNDRd6JkxJGJL26UW7RqjkOh/61MKOQ0h+1S9zSnWPADT9yZIevvbwLju7 kMpEG9lHiIeC7rSf6Nvx8096YwekOaT9aZSSI+dtf0516/UmhgPjystSx5mi8DENjcu00jvp IDGu9SQo3wp31ed20yL3o9PvX0TBrN44yYcq57Z1uxWIf5wol8s1fclCUkwY4+GuRHFrblm8 K/HFOr1Vcff/qcJCk2Gw06a0jvqteCQdLVSrB+ban8MrsRviTyrzqmVfPvkRQLeV/iKS6wEA paDhqmMeW2EwuzQSYDn4kWh+sDlx9QhKCdH1DUYM99UL/0fJ54i75/a0j6cDA5ZASU4/yY2Z RZGSWMFeZRnYe//4+Jhv68nG09SYCqhm9QX2sfLysox/o7qpJH+y8K2gcvsqKftOuIi3vyhq 2Fwftrcch3zR5y46q7/uukkIZO8ByO/0psJofaC3AiAw5PSRZ70DQpUTlqqcOuWKBQppUpgw VsbD4hyupVPzS34AU76PvlaJk+QcVHTvtIfbP135NQ0/qMQUXwQ3Vz+WoXy6MrqJCF6VPdpU vGrUPfLNYS+b5lUdan/PZ8q9J4P+S0uHQu/3vsu4oXo9t7sJ1v5alX73nrkcucNtrwVHM/6Z alGlADGYQgWGZvzi6oxdVsKli40GfxVDoY4v/rd6rlEHR+1yANN7lIgcviqOB0YbsYTikOXt lx8uTqtqlKoAtHu/mLkdp1mK9MUXbFkytw4o/n3YXqsNyFjZMK+F3dChM6dFfMVbYAYOrKHw 2SAJIMQU5FfCbVibANRag7AyF4nWDe9o2I+yi1V+4OdfHqNePb0QUAwAjIdIoy/nZTj14L6H ulr+UprFP9IoS0O6mrPGa47ZtU7eLjIdXx87CBARJgBxWRnIYjwxR+/PLAEFOKZGOT4juj5y cPsbUjS0eN5m6QwAxveF0srd8QBl9qrO4EudP0HqmoBhrNQMnO5oeAOaxsPo5HvnqIdKIjQv /ZCgHUa0zwGXhILpJJWOIFUjFr1gcPuvr0OskX/ZnZFHWQ84wDJ8z80CQS8eKrbsyq/obCfl aau+QfnWnsyiDlBqipusXC5tGDlb5kyXiTviLZMToFIWeiCrjL3V2R2Tg4wr0PFGmPdfvxqm w6+gaRimvEmvvJ2sWoLKJu6IpeMFE20O/FL8+DJXkL3RDioa1iKlpdyiD1orLR9jXap63Mbw MuiB/K4965zIf/GiISfswW1xW3ukWIhJfqmF2fql3SH0vQSBIVJRvSW0efhG7H/YjGfXqDKC a0wacg0elqvX9VwWcP9MoHa6UeV/nsZuqnBAGyak3g7uE7xT5IWJVJNKRRpthPA0iKkEGBEC AAkFAk4pknsCGwIAagkQV46Gfdm0jHhfIAQZEQgABgUCTimSewAKCRCfzyiD8J4kg5dxAQCc /YwBdt00ztF23uumyi2mYzrTR8LVHKfR1POT+dxuxQD+ML6hTOX0NqPWW9mQU2b8pd9UYtxq +0XTavRGokSngWMiZQCfWmbOga1DIM2h4pbhmXQOoh2EY2MAn039/2PdmFfmzaie6Lr/BwGg knDOuQQNBE4pkrkQEADj/6KAobLzjBxlT7/UNksWkADYg9Ir0bPyIEhD3ce9Bymmy//qEh61 DV1TAg7TieB70f8/sAa951sg7Uystkcmxvyfp/LCL4K4m4avhHrCPfzvjNJUkoZuaYQUqOya jzR8lxaRH5yWd40ZjV2yz07oDe48UkMGVpx8mad75HrmUc6rok5X0JuONkP43C+avCe7y/JS fvD/nOX2yQMUm+l4jNQKj3u62smaE1TXFUwMutO8OIjMEwVO+/whpKq2FV0TE0Bo+ilVVe6h xJ3aW3w4XFMa9wn5IdO5C2j32hQ9k1b3HBjAS1/Thv8fCxyRKLyknvLsO6YEf2aq4t7Yl4yP 4q9uDzijb+tM1e+Mg6qQtp+VChbS5pG2UenexUjyXH3ZjniZX9vvsIEoF14+e+l5bjI2vql4 fKIm9/Joh/hsXcvkiKL++r5+0vbAhG931MMK93RJtyIYwjO73Q7ierMtoX/hjYauNaKMh9FK LtyB7k0SG6crCp/M9+ooT/VkCyVVpA5VsTnYnCKf5Y6d4HsDp6sMzOiCCwCwJB5va/kE4xYV kBDoSxs6XtIEBGsIESXqg92kLB/gc/tTQMOVfYYSdHuwNwV2ItIjnH/T8IYK4UFEEdpCKRhG ebi0meH7in+8x+Z9M4MpQ3PRB/fVlpmh1Z0rmSdScPWdZq8tXFygKwADBRAAqjYGt7t1+Too pbdD/ETboF6Nnb9nQ8DNAVOwzd6mOBfqLRUgm+VTSrQ63pfOGZAYoIY1Of2I+xG0/ORMFpBb VlcL8rbbZEgYlCi33givCuDIXyf/H63m0IKYmXyl6QqzuywJlmrvrwE1UN0N50nYc6Uvmpyl uMoSuD/Q3OW5VSUvZaknwWIhtTn2NdELW3YPN7+w9PJk8j9IzJU688gpq1Pj5yemdNEhdlj1 3CSeI7p5Eqb+ecllku5hUWpF3q6TT7+Hipy9291IXabC/idg44RImwJA6BCiGzW9in/4EgZ6 LsdIX8AObOiisLAg18vjM+0aFhjvnvighyg5D+V+cWX4TbW8/jdAjtbgA8lI2v27tLx2O7PM cBJWHZgqVvZMYgb9R3wJD7um9i3lNnB2IZkdRXm4f7d++tdHPRGaf9fJEzbioDR/XC5mrNhj NyxVdkHe0jGIubyiZm+Bk1u48sulB90nciIxnIZHIhEK+yvsN/kZO4FjW4TW3jg6j6J1CZKs zEJaMAbqmzFz8axAXLmKJ5BB1BGPTFlJiY8kqeKGver40AKWgbDbJGoFAiW8TI/WUYjmclsg xSEIfweiYfv9McPU8Q9LIr34Fy0MjNpxbGbgbNkzwcEMLG8Vi3TR5pxwdSewSt+SjyRJdauF biUvdeKlVu9NJ8q8vrk1A+2ISQQYEQIACQUCTimSuQIbDAAKCRBXjoZ92bSMeAJaAJ9FPFig eO+ECi9ospMU+Bgib+6sdwCfW+JcQNcwH+1TmKlFaXiqXZXMElQ=
In-reply-to: <789113178.3327537.1586461081299@mail.yahoo.com>
Openpgp: preference=signencrypt
References: <789113178.3327537.1586461081299.ref@mail.yahoo.com> <789113178.3327537.1586461081299@mail.yahoo.com>

Hi List,

Am 09.04.20 um 21:38 schrieb Vijay Kumar via spiped:
> Is the https://hub.docker.com/_/spiped   ; a legitimate Docker image of this spiped project?I didn't see any mention of this Docker image on the https://www.tarsnap.com/index.html    ; website. 
> 

I noticed that the 'From' of Vijay's email was mangled by the list in
response to, what I assume, DMARC records on the sending domain. However
the DKIM-Signature was not stripped and fails to validate (because of
the mangled 'From'):

> Authentication-Results: chrono.xqk7.com;
> 	dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=yahoo.com header.i=@yahoo.com header.b="q8zkdFPX";
> 	dkim-atps=neutral

I assume that this is not intended behavior.

Best regards
Tim Düsterhus

Follow-Ups:
- Re: Incomplete DMARC mangling on the list (was: Re: The spiped Docker image)
  - From: Colin Percival <cperciva@tarsnap.com>

References:
- The spiped Docker image
  - From: "Vijay Kumar via spiped" <spiped@tarsnap.com>

Prev by Date: Re: The spiped Docker image
Next by Date: Re: Incomplete DMARC mangling on the list (was: Re: The spiped Docker image)
Previous by thread: Re: The spiped Docker image
Next by thread: Re: Incomplete DMARC mangling on the list (was: Re: The spiped Docker image)
Index(es):
- Date
- Thread