IETF Logo Mail Archive

Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggregate-reporting-03.txt

"Brotman, Alex" <Alex_Brotman@comcast.com> Wed, 01 September 2021 12:35 UTC

Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 130673A0CFC for <dmarc@ietfa.amsl.com>; Wed, 1 Sep 2021 05:35:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id POxDv4cGUsAb for <dmarc@ietfa.amsl.com>; Wed, 1 Sep 2021 05:35:04 -0700 (PDT)
Received: from mx0b-00143702.pphosted.com (mx0b-00143702.pphosted.com [148.163.141.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C5C33A0CF6 for <dmarc@ietf.org>; Wed, 1 Sep 2021 05:35:04 -0700 (PDT)
Received: from pps.filterd (m0156895.ppops.net [127.0.0.1]) by mx0b-00143702.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 181CWaD3032677 for <dmarc@ietf.org>; Wed, 1 Sep 2021 08:35:03 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=20190412; bh=1ho17HrhkkuiTGLHX83hAigJUrXBJsyogbutIJAFAkg=; b=ADnZ9OPeWBrafi3s+ekUXY705S2Y3HMnfCRUdBsb3Yhfrfoy+AQilD86C6kOZBayb2nz h5Fg7OflP4k+0yxDUSrlt3xgO4L1l9qRFMrMTPBxZifrZs05jQlFIoktKyyr9YwHprCb zafC01IHDDHZTpceZmOvWiFOkBWShRQLXL7XEZed2e4wysKJgNtbQ2MbqvKMjaUqdDNm lBlHh1ieNpj00Cpx9VztmpngP6LjHnJ/DnH7KzHe+P6xV7GEiOJJKSXKmzyUynZolYsT wvVJ+xYkVlMSxI5yoiPM/DvkD23b6EZIn6iJg9MBqqPCwcG60CMs7aMRHLiSuFhQdqUe RQ==
Received: from copdcexop04.cable.comcast.com (dlppfpt-po-1p.slb.comcast.com [96.99.226.137]) by mx0b-00143702.pphosted.com with ESMTP id 3at85x8k5p-3 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <dmarc@ietf.org>; Wed, 01 Sep 2021 08:35:02 -0400
Received: from copdcexc33.cable.comcast.com (147.191.125.132) by COPDCEXOP04.cable.comcast.com (147.191.124.159) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.2.858.15; Wed, 1 Sep 2021 05:35:00 -0700
Received: from COPDCEXEDGE01.cable.comcast.com (96.114.158.213) by copdcexc33.cable.comcast.com (147.191.125.132) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2242.12 via Frontend Transport; Wed, 1 Sep 2021 06:35:00 -0600
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.106) by webmail.comcast.com (96.114.158.213) with Microsoft SMTP Server (TLS) id 15.0.1497.23; Wed, 1 Sep 2021 06:34:55 -0600
Received: from MN2PR11MB4351.namprd11.prod.outlook.com (2603:10b6:208:193::31) by MN2PR11MB4758.namprd11.prod.outlook.com (2603:10b6:208:260::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4457.24; Wed, 1 Sep 2021 12:34:52 +0000
Received: from MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::24ec:21c2:64ab:d603]) by MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::24ec:21c2:64ab:d603%7]) with mapi id 15.20.4478.019; Wed, 1 Sep 2021 12:34:52 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggregate-reporting-03.txt
Thread-Index: AQHXlG7ME1KBSI27fUu2ZpyhXmS1Mqt5tfhwgAD5DwCACzq8AIAADv2AgAE1u4CACAK0UA==
Date: Wed, 01 Sep 2021 12:34:52 +0000
Message-ID: <MN2PR11MB435159F91A6B1724449AD91FF7CD9@MN2PR11MB4351.namprd11.prod.outlook.com>
References: <162931814528.27585.7766323503338537947@ietfa.amsl.com> <MN2PR11MB435135100512B84A5FC86CFDF7FF9@MN2PR11MB4351.namprd11.prod.outlook.com> <2c64b7b4-b758-ec8c-e233-6016ad4ba205@tana.it> <CAL0qLwaC2gARSS1LNoR_4ukLAWQYUZLi3wJoor_wr9=xEccJgw@mail.gmail.com> <50110060-D6D5-42EA-85A2-F0777DF3D82E@kitterman.com> <6fa5294e-6e3d-bda6-5f1b-96a074bbc147@wander.science>
In-Reply-To: <6fa5294e-6e3d-bda6-5f1b-96a074bbc147@wander.science>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=comcast.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 296d3991-9d85-4a34-7fef-08d96d44e5a8
x-ms-traffictypediagnostic: MN2PR11MB4758:
x-microsoft-antispam-prvs: <MN2PR11MB4758D417B2AD088ECF2E31F5F7CD9@MN2PR11MB4758.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: Mzio6bwQOcHcEds4GPrLLwkGJWF2J+30XEzm66d3hI0s47kfVc7bErsKMQLsPa1o8P0X3kawyhaIpt6NTdC5bULU+M7gFhHbR2m0DHshbj+J9Xg4UzjQCdYZVQUKvYnirMXaD76aUdOK9vHcEpNuo4DJiRhoQe5/NDeT6iind4zlV1o5/Y3UbRgzS1rFDv2WwyzCAhdfkSzRQWFV7oBkh9VFFSc8WBUlatpsovlYcSWOX2mUM1ehC01Ew++5xn2i3xNIQSpTFH4gAMxVWfzPFJxFy5MdqWvPqHkC6dz7BunSJV/g1wTby0dHsCF98ZrXe06qZaVrHSmgd+9dC6ktsgbNlPIV5sgLILbWlYmGhSKNL6IDprcA8bQqW4eneTpBslmOqSH5NeX+OlqwNH89pBnKE5pW0Vi/TG53W9c7cKkzN8oOKZ6xdGnWWJ947DNDM73Kd9uDbQePHGJr7KMEMeaCh6kWWs60AGR1G/QqlXTU3rbXZBKjFOhnrNQed7yLzQ/4BaVgUVELlguxlKb3WvXbgFAcZGpHU/OP7xO7wyUwjlkBj6YGLY7JHbknUIk2ekRL8Gr6iTRb+DLq9FTeYJSDLCKSDWNo3srpj9fAwTKV1NARANfwa/QjKXx1ecaU47R2InR79zl40RfYvmUzWWLTBUrIx1Sbstjq1WUJ3gmuVSWybRYBqXFf3EFMunVehHiDIyGuM79jPYPUsH5NpJDK6f12PmrSPIsBzT3iv6kgzeMo/l0k5Vq/KVD9SWuUxvBoP7pC8fQvgINIX2iJybBAaRMjunbm90OFGvkUXis=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4351.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(39860400002)(136003)(396003)(366004)(8936002)(71200400001)(52536014)(9686003)(6916009)(186003)(33656002)(66446008)(66574015)(83380400001)(2906002)(66476007)(76116006)(7696005)(66556008)(122000001)(316002)(966005)(38100700002)(8676002)(53546011)(64756008)(6506007)(38070700005)(66946007)(55016002)(478600001)(86362001)(5660300002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 4qMhirtjNLGodG9HR4IhfMxG7GjeD1t6vsfqECoqUl6/E41NHjSQZ8SQT77Sequn4Ut4XYqeTFVp1LMIX8Mwzq2huxgHV2hiTX8RyBcp1ZjHVtyUS8K2QfQ3BZViyKFMn67cLBpuEqZsgg00qgap5BxfhgzBjTSpA2LcrwtThk/K9llFTi+2gwWlS4n3XeyqEU45kjBXFzAogSZBa0nOcgH8tFT3CXENkNnX2YvOwNv+SBpxHghJE3IxeTQ7TzSZBoUBI5zwnfc8Tpyv4YG1cGO4dpQvIPscyh0hNDBlcI3s8h1vF5TWfpKBcfAmCH5uIVUjrvtUNSNRDa49tdTl7Zv0sHL3Jm5x7wHK/a+uSTcysasKkYUd7EVGev7tzCzAyWTe4pafOwXfMMGQPHSiVbaCGUyg/Hl5OGWndu/G6znY93Kh2ndoTpsj+O3dgQr/mwXt8bs+vxc2hSU7jsFi/Xap0EKIF21ycNqNm1JcoP5KYfTbHvvVJp4mQovVTFWGiSklehHiNpTZATYbzoR6bzJqNOcQTlkaCdtNWa+0fGIR8EiqJdOUq9aMS8MmIwscJvxaeYc2X5KZaNxLyxKkqB+Sfbvjr1klIawIOHIrcMH1QUHCAj4DvGK2cGbCKMkA4gr+zMWebHLwPy2ugIxQZYhs0OKrB8pzCPOoVQw3V+GabNxqbtdBwH9AlTo9Bf8Y3+8qQh01vV1fv7PdeC8gCJY8+ZEuAWKJTSwMFDr5xomIyjDRRvW7mbzkRuRlHt56/0f24OZS1cjnYiXM9Uzdfi9FI5b4onHaWsKZRrJihta3/lOJijKg0hM3w+p6oQen6n2Vz6MCGht0zadwPveEsJBVa2nlqaUkMzuvIrbZSHi9J7aukdtT97DxhBZ7XVhFVfuFDGfkNCg73//Ho0LGhkbr3XiEyLBS4Wyflx5bdNNoJ3b+4SfzoP3zgONa1X3vidi8rIdrnkP1ASoY24QQa/EjncN/MQjKvm1urxuocTvUMFPd8iawW1svLp3lSFjnFk78dwxB7snCC4wwkefP/0ltWQSJR6EMeM1QsEhsWEkfHf/XzRDEqzYU0U4IWnKEBUKSDIjtYZISPtonUI9DPlpdjSNmhGEIyzR0PlZ1WLRM90NRJUlhMmTASmvI/aSjJbZeUQTh1cGBrO/mQ8F1oCi3zCpBQhJSQtvzO7RRZuaONahBiSws81QIbzSa9vpb5APfu/SFGHkGPP4EUnP7ShljR0O+gBLhXxrmki3l1gMknAH3tlCdjPf4tVrQ0mlN0eCXGCRNNoTdDv5PhZ8LK3h3IuALkrcYzlmvVp24CGeFgpAJVFmbvWLraXBch+hiC9aSE6ghZZ9V1wA9oODHNYhKOjOfWvJyMdV+VPEqD48=
x-ms-exchange-transport-forked: True
arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nBxCiZcG5YWD3WNGdn4SPzfsuHUeNOxWRvmxIR4tlYHzQmQhlbddLzZeH0/i78oYl2/8G+r5/BjLO6yJv7S/+jdeL4h8R/nTdOLBgX3/x+t3iHppQNNxopyWyDjnL0jM4d44m5nEOTVHcg0wWOgOrcqwogDOGKAUMBYzEiMkRZSHDTFScDNSyK2PKYTWuRslhnLxcdqPkda3fnBObLdyqE0wwUy3dFYQolyJzLSWPf5Y+uhqayD7MDQdoOHtc3yfyAeJqCidqeB7dvGh1dWt1h7IvHEYDtSz55yV/NJ+mc/+uhR4Z6ydOHVJ9HDxPCvS7r1btK/M89j3LJH6bvmN9A==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3nuy/Kdg+AtktFXbUn7T0RpW/0pMqr+c5JFaDdt/dXs=; b=XLPC+99m9+vQLvaJWqedsQS6sRXakRllArizIp+/dOxeWQGBBi8wTpd5mVqSB+MIc6JE7E5NSwcEVmBtJijiHEW8m/2ObXLT2nOaK3YTzS8hHD0cbDCj+SXG2bBvLeZXT4SdqbOmZY9fDm0ic2rcDT3S+lhPzWQKUI/xLfSdPiPBrVWcxyYAfGQrtPmXZmYZguDplxibKDdRHmmRSNytCqaZsHvFgWgdc7f+hYRiLm7XyHvF3N0e61fJ+juIh77oNIGeE4TbIGAC04ERK0MT+D6j/izlwSZCsrD5BN7vRfBDWcRb9yNXIpQ5oSvIuckPvLWZ8d9nDY9O7eul2k213w==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR11MB4351.namprd11.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 296d3991-9d85-4a34-7fef-08d96d44e5a8
x-ms-exchange-crosstenant-originalarrivaltime: 01 Sep 2021 12:34:52.6725 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: DMtCM2w2UCM1zTqyUOrO1Et/82/s2XmENcTazgqPnRCdqHQvzO2ZZfID1VIdSgPHwiEApsBC/u8gg6/J7OLWb9fiwaKJrXqfVFeaHyrZ3H4=
x-ms-exchange-transport-crosstenantheadersstamped: MN2PR11MB4758
x-originatororg: comcast.com
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-CFilter-Loop: Forward AAETWO
X-Proofpoint-ORIG-GUID: gaPQPmJNIgZicdcD76vM3kzAurTjZ49l
X-Proofpoint-GUID: gaPQPmJNIgZicdcD76vM3kzAurTjZ49l
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-09-01_04:2021-09-01, 2021-09-01 signatures=0
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/96V8zxK230yoyMzR3EuHSf-qavc>
Subject: Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggregate-reporting-03.txt
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Sep 2021 12:35:11 -0000

It feels like folks would prefer that the subject be required to be of a specific format to better enable duplicate report processing.  Do I understand that correctly?

So that would be:

     If a report generator needs to re-send a report, the system
     MUST use the same filename as the original report.

And:

     The RFC5322.Subject field for individual report submissions
     MUST conform to the following ABNF:

And we need to add some language suggesting how to deal with duplicates report transmission, if they happen.  Scott/Matt also pointed toward a few other areas that could use with a bit of clarification.

--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast

> -----Original Message-----
> From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Matthäus Wander
> Sent: Friday, August 27, 2021 6:10 AM
> To: dmarc@ietf.org
> Subject: Re: [dmarc-ietf] I-D Action: draft-ietf-dmarc-aggregate-reporting-
> 03.txt
>
> Scott Kitterman wrote on 2021-08-26 17:41:
> > Why would a report be sent more than once?
>
> Happens regularly with Google as reporter. Seems to be a design choice.
>
> > Other than error cases, the only thing I can immediately think of is the case
> where the report was sent, but the SMTP session doesn't properly terminate
> so it's unknown if they entire report was received.
> >
> > Which leaves me wondering what the receive side processing should be?
>
> > Should partial reports be discarded? (draft is silent on this)
>
> CRC would break with compressed files in this case, i.e. the report would be
> clearly invalid.
>
> If the reporter generates a partial report but with valid syntax, then the
> report consumer will have no way to detect it. Re-sending the full report may
> fix the issue (if the consumer implements an overwrite logic) or make it
> worse (if the consumer doesn't deduplicate).
>
> > If a complete message has been received, then I think deduplicating based
> on the Report-ID makes sense (don't have to open up the MIME parts to do
> it).
>
> Yes.
>
> > It's not clear to me from skimming the draft if one message can have
> multiple XML files or not (I'm less familiar with the details of the feedback
> part of DMARC).  If there can be only one, that's probably sufficient.  If there
> can be more than one, then there may be a case where one file was
> successfully received and stored, but another wasn't.  In this case, you would
> need to examine the MIME parts, so filename consistency would be
> important.
>
> The definition of one Report-ID in the subject line implies that a message
> carries no more than one report. This could be clarified in the RFC, though.
>
> Regards,
> Matt
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/dmarc
> __;!!CQl3mcHX2A!VARGCtFK2D3DtJLxI2cq5iDvCCraX74A2LhFHQst6COZ1K187
> _UjKv583lD5kM8thacb$

v2.23.0 | Report a Bug | By Email