Re: [dmarc-ietf] Bridging the gap

John Levine <johnl@taugh.com> Wed, 15 June 2022 17:47 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/5Bdk8yRXg5XZUdNkTce89pnxQvM>

It appears that Alessandro Vesely <vesely@tana.it> said:
>I think we found the few critical domains which need a flag.

We may have found some domains that need a psd flag, but it's silly to
assert we have found all or even most of them.

The PSL has 9300 entries and there are surely far more places in the DNS
than that where you want sibling domains to be separate.  The PSL only
cares about web cookies, which do not always separate at the same places
that DMARC does.  The PSL is often wrong for DMARC and I see no reason to
assume that even without PSD a tree walk would produce less accurate
results than the PSL does.

On the other hand, it is a whole lot easier to publish a psd=y DMARC record
than to get an entry into the PSL so for anyone who cares about this, they
have a straightforward way to fix their problems.

R's,
John
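
An added example, not part of the original message: a comparison of PSL-based and tree-walk organizational domain lookup, before and after a psd=y record is published. The domain names, the one-entry PSL and the simulated DNS table are constructed, and the tree walk is a simplified reading of the DMARCbis draft rules (no label-count limit, no record validation beyond the version tag).

```python
def parse_tags(txt):
    """Split a DMARC TXT record into a lower-cased tag dict."""
    pairs = (p.split("=", 1) for p in txt.split(";") if "=" in p)
    return {k.strip().lower(): v.strip().lower() for k, v in pairs}

def psl_org_domain(name, psl):
    """PSL method: longest listed public suffix plus one more label."""
    labels = name.split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in psl:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # nothing listed: treat the TLD as the suffix

def tree_walk_org_domain(name, dns):
    """Tree walk: look for _dmarc records from `name` up towards the root."""
    labels = name.split(".")
    found = []  # (domain, tags) for each level with a record, deepest first
    for i in range(len(labels)):
        domain = ".".join(labels[i:])
        txt = dns.get("_dmarc." + domain)
        if txt and txt.lower().startswith("v=dmarc1"):
            found.append((domain, parse_tags(txt)))
    for domain, tags in found:
        if tags.get("psd") == "n":   # explicitly marked as an org domain
            return domain
        if tags.get("psd") == "y" and domain != name:
            # Marked as a PSD: the org domain is one label below it.
            i = len(labels) - len(domain.split("."))
            return ".".join(labels[i - 1:])
    # No psd tag seen: the record with the fewest labels wins.
    return found[-1][0] if found else None

# Constructed data: a provider that hands out customer subdomains
# and has no PSL entry of its own.
PSL = {"example"}
DNS_BEFORE = {
    "_dmarc.hosting.example": "v=DMARC1; p=reject",
    "_dmarc.alice.hosting.example": "v=DMARC1; p=quarantine",
}
DNS_AFTER = dict(DNS_BEFORE)
DNS_AFTER["_dmarc.hosting.example"] = "v=DMARC1; p=reject; psd=y"

if __name__ == "__main__":
    for host in ("mail.alice.hosting.example", "mail.bob.hosting.example"):
        print(host,
              "| PSL:", psl_org_domain(host, PSL),
              "| walk before:", tree_walk_org_domain(host, DNS_BEFORE),
              "| walk after psd=y:", tree_walk_org_domain(host, DNS_AFTER))
```

With the flag published, the two customers resolve to separate organizational domains, while the PSL lookup keeps treating them as siblings under hosting.example until a PSL entry is added.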