Re: [dmarc-ietf] Ratchets - Disallow PCT 1-99

Matthäus Wander <mail@wander.science> Wed, 21 July 2021 18:05 UTC

To: dmarc@ietf.org
From: Matthäus Wander <mail@wander.science>
Message-ID: <ee8556f0-2cfd-135a-b09e-92285f6628b2@wander.science>
Date: Wed, 21 Jul 2021 20:05:41 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/5dJssCR3M7ZCXQsnFS7UvGOiUQQ>

Alessandro Vesely wrote on 2021-07-21 19:41:
> Some lists operate the evasion hack, a.k.a. From: munging, only if the 
> sender has p=quarantine or p=reject, some do it unconditionally, some 
> only if the mail is outbound, some only if the receiver is mail.ru.  
> Behavior doesn't seem to be settled yet.
> 
> We should add a section on From: munging in the spec.

It's explained as mitigation in RFC7960:
<https://datatracker.ietf.org/doc/html/rfc7960#section-4.1.3.1>

What seems to be missing is a recommendation to not change DMARC 
validation behavior subject to p= or other conditions. A conditional 
validation makes p=none less useful for monitoring of potential delivery 
problems.

Regards,
Matt
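
The monitoring point made in this message, as an added example that is not part of the original post: a toy receiver tallies the rows an aggregate report would carry, once validating every message and once skipping validation when the policy is p=none. The domain names, sample messages, function names and the `conditional` switch are constructed for illustration, and "skip validation at p=none" is one assumed reading of conditional validation.

```python
from collections import Counter

def org_domain(d):
    # Simplification: last two labels. Real receivers use the Public Suffix List.
    return ".".join(d.lower().split(".")[-2:])

def dmarc_result(msg):
    """Pass if an SPF or DKIM pass is aligned (relaxed) with the From: domain."""
    frm = org_domain(msg["from"])
    spf_ok = msg["spf"] == "pass" and org_domain(msg["mailfrom"]) == frm
    dkim_ok = any(res == "pass" and org_domain(d) == frm for d, res in msg["dkim"])
    return "pass" if spf_ok or dkim_ok else "fail"

def disposition(result, p):
    if result == "pass" or p == "none":
        return "none"
    return p  # "quarantine" or "reject"

def aggregate(messages, p, conditional):
    """Tally (dmarc_result, disposition) rows as an aggregate report would.

    conditional=True models a receiver that skips validation when p=none.
    """
    rows = Counter()
    for msg in messages:
        if conditional and p == "none":
            continue  # nothing evaluated, so nothing reaches the report
        result = dmarc_result(msg)
        rows[(result, disposition(result, p))] += 1
    return dict(rows)

# Constructed sample traffic for the hypothetical domain example.org.
MESSAGES = [
    # Direct mail: SPF and DKIM both pass and align.
    {"from": "example.org", "mailfrom": "bounce.example.org", "spf": "pass",
     "dkim": [("example.org", "pass")]},
    # Via a mailing list: the list's own SPF/DKIM pass but do not align, and
    # the author's signature broke when the list modified the message.
    {"from": "example.org", "mailfrom": "lists.example.net", "spf": "pass",
     "dkim": [("example.org", "fail"), ("lists.example.net", "pass")]},
    # Forwarded: SPF fails, the author's DKIM signature survives.
    {"from": "example.org", "mailfrom": "example.org", "spf": "fail",
     "dkim": [("example.org", "pass")]},
]

if __name__ == "__main__":
    for cond in (False, True):
        for p in ("none", "reject"):
            print(f"conditional={cond} p={p}: {aggregate(MESSAGES, p, cond)}")
```

With unconditional validation the p=none tally already shows the one list message that would be rejected at p=reject; with the conditional receiver the p=none tally is empty, so the failure first becomes visible after the policy is tightened.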