Re: [dmarc-ietf] Example of Indirect Mail Flow Breakage with p=reject?
Dotzero <dotzero@gmail.com> Thu, 13 April 2023 16:11 UTC
Return-Path: <dotzero@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FF95C151543 for <dmarc@ietfa.amsl.com>; Thu, 13 Apr 2023 09:11:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hODMl834geHL for <dmarc@ietfa.amsl.com>; Thu, 13 Apr 2023 09:11:21 -0700 (PDT)
Received: from mail-ua1-x92f.google.com (mail-ua1-x92f.google.com [IPv6:2607:f8b0:4864:20::92f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D4635C14CEFD for <dmarc@ietf.org>; Thu, 13 Apr 2023 09:11:21 -0700 (PDT)
Received: by mail-ua1-x92f.google.com with SMTP id p91so23992684uap.1 for <dmarc@ietf.org>; Thu, 13 Apr 2023 09:11:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681402280; x=1683994280; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=5Pq6C7tS3t8TX2TqWh2fruRWlTv7ogkMWOmn+xCGTMU=; b=FjKh2bEO5sdsrrspVc2NZS1ekhvd7xebiQx6WX7RUzXtaLlgmDwaoq4yXNd7vmOuUB Qm+OZY/wpIwQkX/Fyo4KKIgGeFshaWtKRG7nsPueJb5ObmDe2fClGus7wTf5Ey1Tx1Da mj5m408BNe4YMVWCqf5Y3qZUXe8ZT1gYoFqGJy+HC6yDEJtpji0do01ixnViyT6XhBVN 0+sSqn9riQve+lUHIiu0C17I20D7pRNHgCgAnN3ot22PQ/U2hIwdkkL0yETE1YjA3qmf Ohb3UYKzcd62ehp64nEQdwFiQ88uN8gff6FaSsVUXTwf07rdQRN7acrCpkMv6W9ZgfOg mnfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681402280; x=1683994280; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=5Pq6C7tS3t8TX2TqWh2fruRWlTv7ogkMWOmn+xCGTMU=; b=BfxsIIJAQrJ4BY5z8nqrROcz71Zf8TAXOy2xobH8EHdPLEwbc9WOHUgestAMBJ5lBs vAC8/DKqjXTqC5bsKnaBzTuwn+14h9PY3EAWCuU02u6dfIfkfSZbVMl9Jj4WpPzY0FAB vzVj6HCcin5eTfqEsuc1jCQLsEu+OP/MHH8QdQXqKWyKSyPNziN3oTXCjsIc294Gt8UA XcbiQnuj+7d30neYB05mEa+89ITlOoDHI5PZ5KHB/gSWGVjLaO+Exf0QnBSHzlYxbE+X U0epbQ6fXV89eOt0a5MVUCTRFFkLdd2aoOxCZm2O0bFypVGYlylu7o2ZBysqhKiJM8AK Cgcw==
X-Gm-Message-State: AAQBX9f9QddgeH4KR8FiPAk7KBkcuKmgHYRSPyQJvsi8bRzxudh5Ddjf oBsSjOFT8+YICbyAX+BWbk1f/BpooaoWtKBLqyk=
X-Google-Smtp-Source: AKy350aDfHXFAGPsVSqDuksNgpgB13LRmJN+X3JQeGCHCp89Liub+9HbLxvyg9Fu9BlY9EYftt8eVshGYycXdkXLpZs=
X-Received: by 2002:a1f:a154:0:b0:43b:6f57:4a00 with SMTP id k81-20020a1fa154000000b0043b6f574a00mr1239877vke.3.1681402280623; Thu, 13 Apr 2023 09:11:20 -0700 (PDT)
MIME-Version: 1.0
References: <20230408135613.C3E1CBC81C2A@ary.qy> <48D13F81-6022-45F8-AE56-20474E68BAA1@marmot-tech.com> <A6AAF170-BE18-4713-A2E0-A6E070FBD1F7@kitterman.com> <MN2PR11MB4351E287D89465D328A9F14DF79B9@MN2PR11MB4351.namprd11.prod.outlook.com> <CAL0qLwbP-Ui2D7NAcLuaT-2HjAmPO3z-KGNCGvjTLDJYMJXEog@mail.gmail.com> <CAL0qLwYnQ8Zuy8+w8ie-0O6+9YiPmPxcrQo_CozO_C9GLWCW8Q@mail.gmail.com> <MN2PR11MB435110CFCCA9A6F54A92ECE3F79B9@MN2PR11MB4351.namprd11.prod.outlook.com> <CAL0qLwYDdEWaMb6+7Srtj=1v-07-v8WNe+DpvpVHHcqncAuyDA@mail.gmail.com>
In-Reply-To: <CAL0qLwYDdEWaMb6+7Srtj=1v-07-v8WNe+DpvpVHHcqncAuyDA@mail.gmail.com>
From: Dotzero <dotzero@gmail.com>
Date: Thu, 13 Apr 2023 12:11:09 -0400
Message-ID: <CAJ4XoYf77SRJpOBmytvX7z_qn15XCZuYfZbkhoN_B_85Fms+Vg@mail.gmail.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: "Brotman, Alex" <Alex_Brotman@comcast.com>, "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a9424c05f939f95a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/32u2pU9rCEIHK_xxn2ic89M5ln0>
Subject: Re: [dmarc-ietf] Example of Indirect Mail Flow Breakage with p=reject?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Apr 2023 16:11:22 -0000
On Wed, Apr 12, 2023 at 1:57 PM Murray S. Kucherawy <superuser@gmail.com> wrote: > On Wed, Apr 12, 2023 at 8:27 AM Brotman, Alex <Alex_Brotman@comcast.com> > wrote: > >> In the case of DNSSEC, my ISP is the intermediary utilizing DNSSEC, and >> the website signs records via DNSSEC. The website I want to go to breaks >> their DNSSEC. My ISP cannot retrieve a record to return to my browser that >> can be used. A is the browser, B is the website, C is the ISP DNS platform. >> >> >> >> I understand your point, though I think mine still has reasonable merit. >> I understand the charter is to resolve the interoperability between >> indirect mail and p=reject. I’m just not sure I see an intersection of >> “fix indirect email” and “p=reject”. >> > > I see what you're getting at, but I don't think they're comparable. There > are a few main differences: > > 1) DMARC is a surprise to some actors. The intermediary in DMARC doesn't > know that it's suddenly contributing to a problem. In the DNSSEC example, > the ISP DNS platform knows it's participating; it is, after all, a > DNSSEC-aware resolver. In DMARC, suddenly MLMs around the world have to > change what they're doing and don't know they're part of a new problem. > If DMARC is a surprise to "some actors" today, they clearly haven't been paying attention. It was first publicly published (not through IETF) in 2011. With regard to MLMs and forwarders, the wake up call would/should have been in 2014 when AOL, !Yahoo and other domains with lots of users started publishing p=reject policies. I'm not commenting on other aspects of the discussion, only your belief that in this day and age, DMARC is a surprise to anyone. Michael Hammer
- [dmarc-ietf] Example of Indirect Mail Flow Breaka… Todd Herr
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… John Levine
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… John Levine
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Douglas Foster
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Todd Herr
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Mark Alley
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… John Levine
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Douglas Foster
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Benny Pedersen
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Douglas Foster
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Mark Alley
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Jim Fenton
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Benny Pedersen
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Douglas Foster
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Jesse Thompson
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Douglas Foster
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Jim Fenton
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Douglas Foster
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Jesse Thompson
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Baptiste Carvello
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Baptiste Carvello
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Jesse Thompson
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… John Levine
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Brotman, Alex
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC is designed to break mail,… John R Levine
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Brotman, Alex
- Re: [dmarc-ietf] DMARC is designed to break mail,… Hector Santos
- Re: [dmarc-ietf] DMARC is designed to break mail,… John R Levine
- Re: [dmarc-ietf] DMARC is designed to break mail,… Dotzero
- [dmarc-ietf] Introducing DSAP/ATPS for Improved E… Hector Santos
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] DMARC is designed to break mail,… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- Re: [dmarc-ietf] DMARC is designed to break mail,… John R Levine
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Brotman, Alex
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Barry Leiba
- [dmarc-ietf] General-purpose domains with users f… Matthäus Wander
- Re: [dmarc-ietf] General-purpose domains with use… Mark Alley
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Dotzero
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Mark Alley
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Scott Kitterman
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Neil Anuskiewicz
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Murray S. Kucherawy
- Re: [dmarc-ietf] Example of Indirect Mail Flow Br… Alessandro Vesely