Re: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy

Дилян Палаузов <dilyan.palauzov@aegee.org> Sat, 26 January 2019 16:03 UTC

Return-Path: <dilyan.palauzov@aegee.org>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 83DC8130E76 for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 08:03:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uW-VZSIHBn5T for <dmarc@ietfa.amsl.com>; Sat, 26 Jan 2019 08:03:42 -0800 (PST)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6054E130E83 for <dmarc@ietf.org>; Sat, 26 Jan 2019 08:03:42 -0800 (PST)
Authentication-Results: mail.aegee.org/x0QG3dIc015713; auth=pass (PLAIN) smtp.auth=didopalauzov
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1548518620; i=dkim+MSA-tls@aegee.org; r=y; bh=9vtQQzV+JV3TfMI9j86CQ9i7G4UvF+HfBaQRJWTR8q4=; h=Subject:From:To:Date:In-Reply-To:References; b=Dq45TwnECioPkXQXL91eJX+bP+9lJ5an4kBRGaxF1oN0MqGCSHpcS7Z/L70iTciPB 7bvIbX+zBEEkscZi4ZBkIe9raJ2x3h5exhByccA/f5Wsgu/jZtbzmtyT3mv64UxLx2 5v7XRxwlgH8c32WNSOPRGjO8U+kd1hrZXMed3LXqLTeklaIhqcN8OzX1eXax6eO9tL qfEVA9PQAMo0qlWEVZerKzoVqHu6+n68IA0J3w6htKaJjuQ+xphf6ADsBeA5sEHaf2 wXL1y0dSn7Gjk7O2gxSOGd0wKUW3cYlkJOc5EA82V2cEUfyIOkFIp7IsNIVaFK1B9n nNsMzLXX8SJ9DgA9mrKxfT+Yx55an54nTfjS8NJUacCmmxBYCXzyjHweqEqVvPOn4d XFti4D0eFGjeK3zlFkmctrrrSrAp1xP9ju+YnfcHlwmJHAJYRj048qhiLPtFfF67+F sIFwktVjxKnZJrt0NVRzfy1ad0dSe6VIrJmhtz/GNjx2p427yNV5443TBszzvI5hs0 X8mS0jYCqYgUpXR83OuCOLNFaT9Ai94sYj3cxUEquFdhBpe4Lr4D5xuG79mgj4wW9+ 1yUCQyVsVkVtU8Yfk3U86pkP7U8QlOwG9rCFVIDXfcxQcP+x31ynjhZu+nW0Cza6U7 f1K6qEpd9q+T3os+/ZJdEyqY=
Authentication-Results: mail.aegee.org/x0QG3dIc015713; dkim=none
Received: from Tylan (adsl-62-167-97-198.adslplus.ch [62.167.97.198]) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id x0QG3dIc015713 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <dmarc@ietf.org>; Sat, 26 Jan 2019 16:03:40 GMT
Message-ID: <6a56a3831dd4651e0d7610ee0c90f50749a7203b.camel@aegee.org>
From: Дилян Палаузов <dilyan.palauzov@aegee.org>
To: dmarc@ietf.org
Date: Sat, 26 Jan 2019 16:03:39 +0000
In-Reply-To: <20190126153650.491F6200D38D44@ary.qy>
References: <20190126153650.491F6200D38D44@ary.qy>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.31.90
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.101.1 at mail.aegee.org
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/4LsdSpvp12chCdhBW6G-OpkJwpQ>
Subject: Re: [dmarc-ietf] DMARC forensic reports (ruf=) and privacy
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jan 2019 16:03:44 -0000

Hello,

On Sat, 2019-01-26 at 10:36 -0500, John Levine wrote:
> In article <40a9f309a70254b799f8bc3e42cbec2f5cf9dd7b.camel@aegee.org> you write:
> > What are the privacy concerns in this simple scenario that speak against sending a DMARC/DKIM report to sending server,
> > telling that the DKIM validation fails?
> 
> The person reading the DMARC reports had enough authority to put a
> record in the DNS, but that is not the same thing as being able to
> read all of the users' mail.
> 
> In large mail systems, different staff have different roles, and very
> few of them can look at users' mail.

Aha, we have staff dealing with DNS, staff dealing with email boxes and domain owners.

How can a domain owner communicate, that its users agree to have investigations on forensic reports, where DKIM
signatures failed (fot the purpose of avoiding repeating errors in DKIM signing/validation)?  In particular, that there
is no expectation of the users that a deleted message is erased and that the domain owner, DNS staff and email staff
function good as whole?

Regards
  Дилян