Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
Douglas Foster <dougfoster.emailstandards@gmail.com> Wed, 05 October 2022 01:13 UTC
Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 08FD8C14CE36 for <dmarc@ietfa.amsl.com>; Tue, 4 Oct 2022 18:13:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o6YXWqqc3Grt for <dmarc@ietfa.amsl.com>; Tue, 4 Oct 2022 18:13:43 -0700 (PDT)
Received: from mail-lf1-x12c.google.com (mail-lf1-x12c.google.com [IPv6:2a00:1450:4864:20::12c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4078CC14F731 for <dmarc@ietf.org>; Tue, 4 Oct 2022 18:13:43 -0700 (PDT)
Received: by mail-lf1-x12c.google.com with SMTP id 25so13241549lft.9 for <dmarc@ietf.org>; Tue, 04 Oct 2022 18:13:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date; bh=EeVIzxBSz6sKHGsJ56rL7S8P9q8uVvQmbMQzDJt63Lc=; b=m23n19m/epqAVeMXcYG4QreTJG7MZI7uV3Tq2MbXG0oT2w8ywDQphTrgoaeUCp2Vk6 wwTTDQoimh0QFrTntJoCzZMltBQDKsBW3DRZHzMWPgp4R72iCbjJ6pqXGmaAjQeKL5cZ k2acbN9sMBSqhbL+VthvJcy67haeWaEwto+C/uIkOoRFPeYLiAFRNklO3qGi9uYJy3Eg fzuvcZWOhjeK3UNp5MWwgYNt80dmDB9fhTv3NkPD/PVIY+MzEkXfCvYIYOL7xbMZ9kEF bEewu+qMdYeZUnhde6icNLq8Pb8DgeATdEhApQZMISFaA8qXjXWDllEVuu2g42A8kx60 DMyw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date; bh=EeVIzxBSz6sKHGsJ56rL7S8P9q8uVvQmbMQzDJt63Lc=; b=4UvS+cxdA0OQcy11jFHllKkk6Ls/Z5EtTdq16BYzVg+x/Wa3bEitBuw+YVFn/hgYMK X2kj2dhrqFXGHdUR0XS0YzS4m67kmVrSzAeCWwm2o+xp1VzrnH+CE4UXj4eNnYGWqGgS sD9yWUn3OM3M3+Iq7ghEtin12SzzUDmoNhktLxmYBkPXaq6OSTw56F6Sl2lV29w/eXl5 9HIapZ7bG3RTkxzyFVFFhW0wjzpZ1QcFO4ruQ8InIQKxxJaxbxl3WCmYU3tmU4tMtmj1 UIcMkRrF9Jo2QV2iP7bPIrMCqUkJ1UXQdwhRWcJf0/u183KjMx2I2zgdSAD3RZVhxrlz s+gg==
X-Gm-Message-State: ACrzQf1nHKebxjAZQe4wUGzdirdpulVDKcrA/vHV8dktOTN1azHECbb8 F+1PgV0NEEmc5iy2SVhh+OuSGw3NHiTM1I09tULlLxJu
X-Google-Smtp-Source: AMsMyM4LNmjBnVb/frUDD5OzW8081V7FkxDoj7kQVX2GxY+R4/rK2gaJTX0p7mnM87bR6DkHHWgIX0NtrMgA6kISKHw=
X-Received: by 2002:a05:6512:4db:b0:4a2:15ee:af03 with SMTP id w27-20020a05651204db00b004a215eeaf03mr7013516lfq.14.1664932420199; Tue, 04 Oct 2022 18:13:40 -0700 (PDT)
MIME-Version: 1.0
References: <165046214335.10055.16398898629460366752@ietfa.amsl.com> <CAH48ZfxZOq68=P-Qxjvjk1c8PxWAWDvaBPPQcb4DWmd6cL=u4Q@mail.gmail.com> <CAJ4XoYen6n06L1UBqzu9nr2jCC7v_-GOAdJXMzCks6d-AaKqUA@mail.gmail.com> <CAH48ZfzVt=+yoj280VxL_SV+YM4C7eqMWhL=41YpVybaPmLcLg@mail.gmail.com> <CAHej_8mgKjpo6DDbOS9bBdTarThKOa9F55QBtrM6G-oq1YfX+w@mail.gmail.com> <CAL0qLwYjYY4OvShqACWPz0vdJcAubdU1csFFVSkqzsReZSZxuw@mail.gmail.com> <MN2PR11MB43514940B87730CC9D476AACF75B9@MN2PR11MB4351.namprd11.prod.outlook.com> <CAL0qLwb=1CZN6s2QzWJGFeO3=iPWZ-eS=7hvi4B6jhuh+hLJ0w@mail.gmail.com> <8ab0943b-9805-1a0e-528d-9cf45f2eaf9c@tana.it> <CAH48ZfzM2J0_RizqESbFSm3ASfc2x6nsdxUXWEWO+4g2vXsz+g@mail.gmail.com> <38BC22D3-3A29-47E0-9E51-DD862FDD4947@wordtothewise.com>
In-Reply-To: <38BC22D3-3A29-47E0-9E51-DD862FDD4947@wordtothewise.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Tue, 04 Oct 2022 21:13:28 -0400
Message-ID: <CAH48Zfxf8X+77xnBe2Ah8WCZ9vHxt5--tN4wwO5YBDkJXUguAQ@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007b293005ea3f49d9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/3o37wh4Q5uM72mchbJ1hTrfYqTw>
Subject: Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Oct 2022 01:13:47 -0000
Time for some data collection: Who has a reporting implementation in use which is designed and tested to support at least 100 DKIM signatures? What are the maximum number of signatures ever observed on a single message? What can you tell us about the curve of signature count vs. message volume? How common are messages with 5, 10, 25, or 50+ signatures? Doug Doug On Tue, Oct 4, 2022 at 5:23 AM Laura Atkins <laura@wordtothewise.com> wrote: > > > On 3 Oct 2022, at 23:31, Douglas Foster < > dougfoster.emailstandards@gmail.com> wrote: > > The primary key for aggregation is the SMTP domain (up to 255 characters), > plus each DKIM domain (up to 255 characters) and its DKIM scope (up to 64 > characters). For 100 DKIM domains to be included, the primary key > becomes up to 201 fields with up to 25,919 characters. This is > unmanageable with readily available tools like a SQL database. > > I suggest that we start simplifying the scope, by limiting the items of > interest to: > (a) SPF whether pass or fail, > (b) aligned DKIM domains, whether pass or fail, and > (c) non-aligned DKIM domains that pass. > > I don't see any value in knowing about failed DKIM signatures for > non-aligned domains. Perhaps someone with a sophisticated report parsing > capability will be kind enough to correct me and explain. > > > Knowing what domain is signing is important if you think things should be > signed but they’re not aligning. Knowing what they’re being signed with > helps treat the problem. > > A very simple case is: if you have 2 domains you’re using at Google > Workspace sometimes Google will pick the wrong one to sign. So your mail > fails DKIM alignment. Without knowing the domain, it’s impossible to > troubleshoot what’s going on here. > > Then I suggest that the DKIM upper limit by 10, not 100. At some point, > an excess of domains becomes a DDoS attack on the evaluator, and to a much > lesser extent, the report recipient. > > > This is the type of suggestion that has broken SPF. I do not support it. > > laura > > > Doug Foster > > > On Mon, Oct 3, 2022 at 2:17 PM Alessandro Vesely <vesely@tana.it> wrote: > >> On Mon 03/Oct/2022 18:01:06 +0200 Murray S. Kucherawy wrote: >> > On Mon, Oct 3, 2022 at 10:26 AM Brotman, Alex <Alex_Brotman@comcast.com> >> wrote: >> > >> >> So we would likely need a section in the core document with a SHOULD >> for >> >> evaluation (if it’s not already there), and then a section in the >> aggregate >> >> reporting for a MUST for reporting on evaluated information (if they >> choose >> >> to send reports at all), correct? >> > >> > [...] >> > >> > From the actual protocol standpoint, the filtering part of DMARC >> operates >> > just fine if you make the shortcut Doug is proposing, so the first >> SHOULD >> > is probably apt but the MUST is moot because it doesn't change >> > interoperability. >> >> >> Let me add that reporting /all/ identifiers can be unfeasible. (I, for >> example, collect identifiers to be reported using SQL left join of >> various >> copies of the table, which delivers results as just that many columns, >> although >> more might have been evaluated at reception time.) >> >> Reporting just the "most important" identifiers could be an option. >> >> >> Best >> Ale >> -- >> >> >> >> >> >> _______________________________________________ >> dmarc mailing list >> dmarc@ietf.org >> https://www.ietf.org/mailman/listinfo/dmarc >> > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > > > -- > The Delivery Experts > > Laura Atkins > Word to the Wise > laura@wordtothewise.com > > Email Delivery Blog: http://wordtothewise.com/blog > > > > > > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc >
- [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggrega… internet-drafts
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-agg… Brotman, Alex
- Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-agg… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Dotzero
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Todd Herr
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Murray S. Kucherawy
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Brotman, Alex
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Murray S. Kucherawy
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Barry Leiba
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Laura Atkins
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Murray S. Kucherawy
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Neil Anuskiewicz
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Scott Kitterman
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Dotzero
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Scott Kitterman
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Neil Anuskiewicz
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Neil Anuskiewicz
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Brotman, Alex
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Dotzero
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Dotzero
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Dotzero
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Murray S. Kucherawy
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Dotzero
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Brotman, Alex
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Alessandro Vesely
- Re: [dmarc-ietf] Aggregate Reporting - "Not Evalu… Douglas Foster