IETF Logo Mail Archive

Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

Michael Thomas <mike@mtcc.com> Tue, 29 December 2020 21:05 UTC

Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E6DA3A0A3B for <dmarc@ietfa.amsl.com>; Tue, 29 Dec 2020 13:05:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ers6lZAmlJgW for <dmarc@ietfa.amsl.com>; Tue, 29 Dec 2020 13:05:33 -0800 (PST)
Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B19B13A0A2E for <dmarc@ietf.org>; Tue, 29 Dec 2020 13:05:33 -0800 (PST)
Received: by mail-pl1-x630.google.com with SMTP id be12so7691414plb.4 for <dmarc@ietf.org>; Tue, 29 Dec 2020 13:05:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=kD0WKcj7ZEGFGVXq7PVhB+fTPugB0szZhvWNzUvbIB8=; b=VVsHn1orcPDZbSFjkKQp9rI9zkgKCHwvfDN1WIvRn6ujAvDFP7Be9fZNuLPxt/LejL KZKkqcExU8uLdtENcMM31liiwUp17fWMFB86EuWB7AuWCPs56ZzyoC5uTH2EdEacexx4 6t3fr+Ti5m4w4sCbCZ71EwQOyW6Vr9pK1hSgXFSunJ2K6wIcdFrBNug8U4zvRgkwVZU7 2YF9jcOJCq3kOH3CBfUhmHFdDI57Cu7phq6FZtjir+8FSeoEaItB+4pwEpzdbMCDldPW pzX8d0dbMwyqmfMPYcZSlzKTPjs7NyTyRk498UHAqkzS7Mta4Ps3InFjhkOjX8o2QgS+ Uxfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=kD0WKcj7ZEGFGVXq7PVhB+fTPugB0szZhvWNzUvbIB8=; b=tJ4pooLBYXk1JNowAw2aCeT/hNL+1CGQ8Wfij0/BK2Il5H55X/4vmsS1e70MyAafm9 Sfi8J0WiXVhjNac5uzxQkq6Z/z7+oDNKoKS11kncrqrNEepQRN2+Yf2QLG3lERXkCNar TPQJYkQCTWW/U0PbvaMTzS7mvNKxLfze3vk9US7QHCIDnvBh7PUTfn3oBL8iMD2Szfia dfOWLtmIshWBlcTj2G7kB7H4OY+mZ5oP9viaJ7LIeT7fJRMXlEZqxMQuZuxfNKXhNYMr NFbZ24r57LZFn/kdsrRZiU/CgHFY+s7d4DiOBJXYQcwokfkve/PbIUpDhy2+e1UHm0/E QUsw==
X-Gm-Message-State: AOAM5334kFqsVhfdDrCxUnc3Xj0cil7bGMyZdSAC4ipm3q/KtAX1aXdv RNgnF4J/ITtUzuWrxPd7djcr8O8Sqn1WXg==
X-Google-Smtp-Source: ABdhPJzTTeIHw6j5r2pgx0rq+ps5zh8V/K4Nmos2jHIg+EyqmVR2Le7TwSrlIEBxy2BzzuNVgHEExA==
X-Received: by 2002:a17:90a:398d:: with SMTP id z13mr5636777pjb.1.1609275932665; Tue, 29 Dec 2020 13:05:32 -0800 (PST)
Received: from mike-mac.lan ([107.182.37.0]) by smtp.gmail.com with ESMTPSA id q35sm4201029pjh.38.2020.12.29.13.05.31 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 29 Dec 2020 13:05:32 -0800 (PST)
To: John Levine <johnl@taugh.com>, dmarc@ietf.org
References: <20201229205922.BD91635185C5@ary.qy>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <17f3ed7e-2fbe-48fd-d6c0-d394d06abb43@mtcc.com>
Date: Tue, 29 Dec 2020 13:05:30 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <20201229205922.BD91635185C5@ary.qy>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/1I61cFtvKwWo6YEd8u59TWGKxIM>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Dec 2020 21:05:35 -0000

On 12/29/20 12:59 PM, John Levine wrote:
> In article <14d833ce-0ae0-f818-fd4f-95769266a8e0@mtcc.com> you write:
>> On 12/29/20 12:10 PM, John Levine wrote:
>>> A lot of tiny non-profits like Girl Scout troops use email addresses
>>> at webmail providers and send their announcements through ESPs like
>>> Constant Contact and Mailchimp.  This is yet another situation where
>>> DMARC can't describe an entirely normal mail setup.
>>>
>>> Constant Contact apparently got Yahoo to give them a signing key,
>>> at least temporarily, but that doesn't scale.
>> What gmail does for gsuite is generates (or not, who knows) a key and
>> gives you the selector to add to your dns. I don't see why that doesn't
>> scale for all situations.
> To point out the obvious, because they use a single address at
> yahoo.com or gmail.com or hotmail.com, not a private domain. These are
> tiny organizations that don't have a lot of computer expertise nor a
> lot of need for it.

Um, so? The have to procure a domain too which can be technically 
challenging. If they want to use outsourced email, the outsourced email 
provider should provide the support to get their selector into their 
DNS.  If they can't bother, I don't care if their email isn't delivered.

Mike

v2.23.0 | Report a Bug | By Email