Re: [dmarc-ietf] Tickets 98 and 99 -- fake reports are not a problem and if they were authentication would not help
Seth Blank <seth@valimail.com> Mon, 25 January 2021 21:59 UTC
Return-Path: <seth@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A04783A197C for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 13:59:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.198
X-Spam-Level:
X-Spam-Status: No, score=-0.198 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yswEn4eP2H_c for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 13:59:23 -0800 (PST)
Received: from mail-vk1-xa33.google.com (mail-vk1-xa33.google.com [IPv6:2607:f8b0:4864:20::a33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A14D43A197B for <dmarc@ietf.org>; Mon, 25 Jan 2021 13:59:23 -0800 (PST)
Received: by mail-vk1-xa33.google.com with SMTP id e10so794860vkm.2 for <dmarc@ietf.org>; Mon, 25 Jan 2021 13:59:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=20XNU3AteZsV+g3cZx+AJpXB9WN00/nGu29Wmqj8LZU=; b=Y0nyjIinr7Rf3NlOYeKZldCloEKVYjKF25AQn47+NpIRsnJAI4nw6FaPc4VtlTaw2Z ozDvtw7cSzCU3DhVJQWG6wfpXF5v8zfCOTWFGsfU1UPjzgbV/gGLMU0889nE8K5QjQq2 Fi04BVVelbrv+UpXQiOrk/eksgJk+kCQQwg+kz87ZAGvL/K2afF9B/RTGxXUpSMnLJjK 9+8SlkaVpClkxGY382jM5vbbZdD7mgJh61zA558WD1tNYXkTY5AAKFgC1z9qDLankLE2 XpHi2YYTKoInfyy/sm8O2XGwZ0ARNX0hg4oha/SfPXC7UIg02RFjfQHLQkVMhtzm++fK eOfQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=20XNU3AteZsV+g3cZx+AJpXB9WN00/nGu29Wmqj8LZU=; b=lnWyi3EFznz0LU33UfeZxPrCKY+JMzzUV3ntlkYVfukrxq8VpninegC3bKXBmdrFaj lgsqh/m6bxzM9RwBbramEtEkfqha5OhshiCTYf2idCesPiQQ9els0meK3Y12kqqKiNPb JKxt6bCWcXwkfE7fZE8H8hPFRURXn8Zorji87la8bF2dsuP0617xlo9Sqn11IbXtpV4u 6HMjzc/MXoP/0GVQSFUUiSJKx4xtOBsJMOvtLXhgpcK7tv5UGHejHicw/JejjXD4qWC4 WYncoAYPvU8pU0rY+mlRKont/8gL6IjzoRDFgCF7QqZnuMoRtXvIYqKulVE29G17YAs9 UL7g==
X-Gm-Message-State: AOAM532epLAj5OWTvCjISeVxSAgYxnRgIVmIVjQAUc91kjeT7U4qKsUn HJ6/XDCRDpZWApCsgHSRSsJjKoapeVyzWFG+yF4ceDYlbBA=
X-Google-Smtp-Source: ABdhPJxOHP5k/xnnoQ4hTYzc2UMUsngTEM/cuy4d0SKa+z00cgnKwOOV1NbKPE1dQdDXH0t7qDFwRjc2jJ/0mpvIKJM=
X-Received: by 2002:a1f:9705:: with SMTP id z5mr2400198vkd.3.1611611962504; Mon, 25 Jan 2021 13:59:22 -0800 (PST)
MIME-Version: 1.0
References: <20210125195231.E0DE16C13E26@ary.qy> <12abca41-4420-37c7-c903-7decc012027a@mtcc.com> <CAHej_8nr=SOuk0eUR481xMWhQ8JC5fjhHeE64w++Ltf0XM9TQw@mail.gmail.com> <84ffcfcd-d391-4382-6a23-dfe100407476@mtcc.com> <3ff74c76-9ac9-d4ce-32aa-96fea9a8b0e3@crash.com> <1767db9a-ce8a-7c85-0aec-7ebda4680ab2@mtcc.com>
In-Reply-To: <1767db9a-ce8a-7c85-0aec-7ebda4680ab2@mtcc.com>
From: Seth Blank <seth@valimail.com>
Date: Mon, 25 Jan 2021 13:59:11 -0800
Message-ID: <CAOZAAfMc8YO0ON581N3LwFqXnEBu5+QnUNDB6TAaNuYYnEEkJQ@mail.gmail.com>
To: Michael Thomas <mike@mtcc.com>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008a8b8505b9c0a6ac"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/61hgaF9KO676PZuDjFz7i5fPf3I>
Subject: Re: [dmarc-ietf] Tickets 98 and 99 -- fake reports are not a problem and if they were authentication would not help
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2021 21:59:26 -0000
This thread is now counterproductive and needs to come to a close. Michael, your continued assertion has been that unauthenticated reports are an issue. But so far no evidence has been presented that reports are sent without authentication, or that the text of the document is the cause. This thread is going in circles. It's now official CLOSED, unless someone returns with evidence of an actual problem here. Move on to other tickets. Seth, as Chair On Mon, Jan 25, 2021 at 1:55 PM Michael Thomas <mike@mtcc.com> wrote: > > On 1/25/21 1:26 PM, Steven M Jones wrote: > > On 1/25/21 12:18 PM, Michael Thomas wrote: > > > On 1/25/21 12:08 PM, Todd Herr wrote: > > On Mon, Jan 25, 2021 at 2:56 PM Michael Thomas <mike@mtcc.com> wrote: > >> >> Sounds like a bug to me and an issue should be opened. Just because it's >> a 10 year old bug doesn't mean it's not a bug. >> > > I disagree. > > Authentication results should not differ at a given provider based solely > on the destination domain, so there is no reason to report results > separately for each destination domain. Further, there's no value to the > report generators, especially at large sites like Google, to expend the > resources necessary to generate and send X reports when one will do. > > So you're saying I should be free to spoof any domain I want because > Google might be inconvenienced? > > > If the language in 7.2.1.1 that Seth cited is "working," then report > generators are sending reports that pass DMARC and the report receivers are > validating that before ingesting the attached reports. However this only > provides some degree of attribution for the report itself... > > Yes, if that were enforced that would solve the problem. Given the > confusion my guess that it is not. That paragraph could be a lot more > specific about the mechanisms and motivations which I suggested in #98. It > probably requires even more than my suggestion after seeing all of the list > traffic going by. If gsuite is aggregating reports from all of their > domains they host into one report, there is clearly a problem both with the > text and with implementations. > > And of course, any proposed http method would have to provide equivalent > protection. > > Mike > > _______________________________________________ > dmarc mailing list > dmarc@ietf.org > https://www.ietf.org/mailman/listinfo/dmarc > -- *Seth Blank* | VP, Standards and New Technologies *e:* seth@valimail.com *p:* 415.273.8818 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
- [dmarc-ietf] Tickets 98 and 99 -- fake reports ar… John R. Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Douglas Foster
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Murray S. Kucherawy
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Douglas Foster
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Douglas Foster
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Alessandro Vesely
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Alessandro Vesely
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… John R Levine
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Alessandro Vesely
- [dmarc-ietf] reporting security requirements Michael Thomas
- Re: [dmarc-ietf] reporting security requirements Seth Blank
- Re: [dmarc-ietf] reporting security requirements Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Todd Herr
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Steven M Jones
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Michael Thomas
- Re: [dmarc-ietf] Tickets 98 and 99 -- fake report… Seth Blank