IETF Logo Mail Archive

Re: [dmarc-ietf] non-mailing list use case for differing header domains

Jesse Thompson <jesse.thompson@wisc.edu> Mon, 17 August 2020 22:52 UTC

Return-Path: <jesse.thompson@wisc.edu>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49FA73A13FB for <dmarc@ietfa.amsl.com>; Mon, 17 Aug 2020 15:52:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.048
X-Spam-Level:
X-Spam-Status: No, score=-3.048 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.949, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wisc.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9IL-EKqYOJyA for <dmarc@ietfa.amsl.com>; Mon, 17 Aug 2020 15:52:19 -0700 (PDT)
Received: from wmauth2.doit.wisc.edu (wmauth2.doit.wisc.edu [144.92.197.222]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D0B783A13F9 for <dmarc@ietf.org>; Mon, 17 Aug 2020 15:52:18 -0700 (PDT)
Received: from NAM12-DM6-obe.outbound.protection.outlook.com (mail-dm6nam12lp2173.outbound.protection.outlook.com [104.47.59.173]) by smtpauth2.wiscmail.wisc.edu (Oracle Communications Messaging Server 8.0.2.4.20190812 64bit (built Aug 12 2019)) with ESMTPS id <0QF8005EUCV5L810@smtpauth2.wiscmail.wisc.edu> for dmarc@ietf.org; Mon, 17 Aug 2020 17:52:18 -0500 (CDT)
X-Wisc-Env-From-B64: amVzc2UudGhvbXBzb25Ad2lzYy5lZHU=
X-Spam-PmxInfo: Server=avs-2, Version=6.4.7.2805085, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.8.17.224218, AntiVirus-Engine: 5.75.0, AntiVirus-Data: 2020.7.21.5750001, SenderIP=[104.47.59.173]
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GyNQclH4edxotWSxxXouVPMQZh0pigocworpquIB0rN+0GmK5xL2ANR/MwdaJdnZ/XHfJd8yK+7p3P3pJs++h5ENZ+JlrDR4I0RPAQOMJzjMJKfF2JmFHhk5ovzSf+RYCKzzXSEIfS1vSGSr09Eg/YZJbRvLAdDgzeG7z71agstdNqUqjzYEpWFYKZ7H/kDFq9WrescwDHh3c2FP6vbyQheU9Sg17boGD0WpGVh0/xBX6W0ESkR4Y7lZV6xKCnDaC5r7POOx8Zn1DsTq31HseX04efCq9vwj133DVWzk2qlCnoHRv+c5W2gw/9A2i9+s8lkXXtjeCUkA1TEHhIHJ0g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7GeqTLMhT0Rds39311DarbkTOhPkzeKo9tBdKwkpdq0=; b=aM8huil/JJwBd4XU89U7mSlNhPp9Sw/dbH6ps41d6aVdzpaXxEyAAQ9w0JgVy2qmekCbzFkEzOr+lne98Idd7QvQrfiqSFUtY6FGHw9cMv56Y8XVg0rwmyPrJGgeL6ilzdQeqOLhp0oKrwh0PVhlInPpRjQ2V08VlB+rW4DS7QrrlpFHg8M6Q+MEOv7E2k4sAT9Vp54okkalyC03ZBwoS9vZIjgZSYBQCdc7NyzeMv9WvfEKPWIcqKenMBUhxajd6poO/HmxndeJvkxvMa0CugD8JKC2ou2583Td+XoFT7Nc1yLkbaqSVMmEZnOFCnWHwSwGhCN6BNacfPmQ5H88Lw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wisc.edu; dmarc=pass action=none header.from=wisc.edu; dkim=pass header.d=wisc.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wisc.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=7GeqTLMhT0Rds39311DarbkTOhPkzeKo9tBdKwkpdq0=; b=gFp8xNwCb8QjDcMaXY6hrK/Z4Kar99mVUqQPUxONd+KMLmP00BuF61tf+Iia4GdaU943GdPJUTK7K/rejitLvbu72xa2zNGO7wp5eghvslzl0nfljUtrOeQE5K9eRxeABW+XomaUjnaGwhSNOzYCaZLYU/yLfbQZpSQOiFgNljs=
Received: from DM5PR0601MB3671.namprd06.prod.outlook.com (2603:10b6:4:7b::16) by DM5PR06MB2395.namprd06.prod.outlook.com (2603:10b6:3:59::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3283.23; Mon, 17 Aug 2020 22:52:17 +0000
Received: from DM5PR0601MB3671.namprd06.prod.outlook.com ([fe80::8def:be24:c82c:8d50]) by DM5PR0601MB3671.namprd06.prod.outlook.com ([fe80::8def:be24:c82c:8d50%6]) with mapi id 15.20.3283.027; Mon, 17 Aug 2020 22:52:17 +0000
To: dmarc@ietf.org
References: <20200807191216.43E971E4014E@ary.qy> <B5271A94-7B89-4226-BE77-471E698E1284@marmot-tech.com> <BY5PR13MB299920E15CC75E9D72F67170D7430@BY5PR13MB2999.namprd13.prod.outlook.com> <4fa0afc4-d3cd-994a-f02-f38da4cb1543@taugh.com>
From: Jesse Thompson <jesse.thompson@wisc.edu>
Message-id: <7ce20245-5942-14f3-3220-1faaa2c8ccbb@wisc.edu>
Date: Mon, 17 Aug 2020 17:52:03 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:81.0) Gecko/20100101 Thunderbird/81.0a1
In-reply-to: <4fa0afc4-d3cd-994a-f02-f38da4cb1543@taugh.com>
Content-type: text/plain; charset="utf-8"
Content-language: en-US
Content-transfer-encoding: 7bit
X-ClientProxiedBy: CH2PR20CA0020.namprd20.prod.outlook.com (2603:10b6:610:58::30) To DM5PR0601MB3671.namprd06.prod.outlook.com (2603:10b6:4:7b::16)
MIME-version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [146.151.213.183] (146.151.213.183) by CH2PR20CA0020.namprd20.prod.outlook.com (2603:10b6:610:58::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3283.15 via Frontend Transport; Mon, 17 Aug 2020 22:52:16 +0000
X-Originating-IP: [146.151.213.183]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: e27a8794-83f7-4084-aef6-08d8430030b1
X-MS-TrafficTypeDiagnostic: DM5PR06MB2395:
X-Microsoft-Antispam-PRVS: <DM5PR06MB239555F54BEBF24EF06B373BF65F0@DM5PR06MB2395.namprd06.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:7691;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: z1ywZIvamRzThZf36Zrub3ISshYEq9kgXe4dYnZOUoc/wf1pbxPhvdAFPxF4VU6P86bdaRZMQ2tPBMa5CkJ6nSlr2vw95O0uoXLjUnjXqcpkuW6bLMOkHMXVdohtmjkDzf/3zsvXPG7nPP3lJWBs2A5P05OqGCYRAGgGiyrkFZ2zbjvAMUerwwT4y54MdDBG9ukYeQ16i7+jZhCzM2ZwhwAKwUsrTHRVPmxWFXkQ77tCWvY0Yi8pjqw5A2rIV/xvUOldoBFeEcf2NOVDUubLe8OpX3ZdfoqS9tmj94YuVhNjute/2sKbLSc+Y79hAeS5DSsw+HshmMZvF+QgUYogBNj52g1u63+Rd2SsBvcpCQjZjGKyURhEikiAemHok6/RNNy0TgjIG9+n8WSMLDNm/kQ6dgIn5Q5iCqLx9Vp6dW0wcdbjD1lirjIW6RK7658RflJ0w3Niejo/lGHnqmB3xT3WecylmWtgH5V8vaYcPpk=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR0601MB3671.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(39860400002)(396003)(346002)(376002)(136003)(66476007)(31686004)(8676002)(316002)(6706004)(83380400001)(16526019)(16576012)(31696002)(66556008)(86362001)(786003)(6916009)(6486002)(66946007)(36756003)(2616005)(956004)(75432002)(5660300002)(26005)(44832011)(6666004)(186003)(2906002)(53546011)(8936002)(478600001)(3940600001)(130980200001)(43740500002)(223123001); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: Q9jvP18F+Tu8D0FlTgS9/U1hoImPUZiOxXWAFtHqJ/ddI7RDFMur0wwNjpseOxEzdsbHFCEutlgebwg4Gw+1BxWQesrC4wR2KvtrJedjoOhAXueO4L7XC2lzZkfUjT/B4qSrAZmCzHOBaU7Zw0cvTJBGL1MjPCRT88AqGNN6aseO5WjtGc/Ljhx1RWMyKGmMoOgceDuziXl07LGI/HfK5f6DWdJnLhBuh6bhNMxmMO4XGnz0yGXEjhiRBSZyKHReJ83XdfFkx4kEwXXNnZObBr6NER5LvbXOUPc9h6dYVdsAfxvZAkH5T8csg15cZ0BauMD/MXXoUD+6hfNbUGdGBZ5R9m+Fj0MLXvgtAjtITun+w+wWIEYPkDfnvfQ7V65Pwt6vsMZ4+x6/a2PADDmuWXc1Yfo3aeh6eR4rUBy3brCz6xc/dTwl2j2DmlcOj2Ya2XdLvmEV8P64t7z3MiiIrjkH8cZgyMIsl50Vb/+79wmE/YKXb6+Qsaj2EyR15vu1iVTJ67ahcmojt2X8hZuYSxb/o5crHSCKr1oW8n5jmFpdIE5r1fdj/TxG3xrslmhpoEM/gjtZ0p9PQOTP+PV9tAe8INNgDUt7VrL9t8y+80hZw2DQbL2Ia0epQIPSHW+GxiPOGd3AQYwf1nQ2tJCURQ==
X-OriginatorOrg: wisc.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: e27a8794-83f7-4084-aef6-08d8430030b1
X-MS-Exchange-CrossTenant-AuthSource: DM5PR0601MB3671.namprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Aug 2020 22:52:17.0696 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 2ca68321-0eda-4908-88b2-424a8cb4b0f9
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: rkhTMDBrPgjsqIBN1Yot/SjmVHwl6ZNl2oP6SdqfaFehQh/KnDey2cpU+ZD9djC5lxZIXLq4rqMV56MyGYkkkw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR06MB2395
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/-95Be_mh7maNxvbso1ez301X4Uc>
Subject: Re: [dmarc-ietf] non-mailing list use case for differing header domains
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Aug 2020 22:52:21 -0000

On 8/13/20 10:03 AM, John R Levine wrote:
>> -Admittedly, that's where my bias comes in. My job is working with organizations that have paid my employer for me to be that outside help, so it's rare for me to see how badly it can be done by people setting restrictive DMARC policies without knowing what they're doing.
> 
> If they all talked to you first, we'd be having a very different discussion.

With a complex organization the only way to get people to change is to publish a restrictive DMARC policy and then see who comes out of the woodwork sheepishly admitting that they've been ignoring us for years.  

Normal people sending email (especially those who are working with an ESP, most of which happily send email without any DMARC alignment) do not comprehend the notion that they should be using a subdomain for their transactional messages; even when we directly communicate this fact to them repeatedly.  They just don't understand the nuances of email.

Similarly, it's only way to find all of the old DMARC-unaware MLMs, most of which haven't been security-patched for years.  Forcing them to upgrade to a MLM that can munge the From is a back-door way to get them to patch, or reassess their commitment to running the list in the first place.

Enterprise IT/cybersecurity actually want to get better manageability on the email their institution emit.  Misdeploying DMARC provides that.  Publishing restrictive DMARC on user domains is not always a clueless IT decision.

Jesse

v2.23.0 | Report a Bug | By Email