IETF Logo Mail Archive

Re: [dmarc-ietf] auth-res vs. dmarc

Douglas Foster <dougfoster.emailstandards@gmail.com> Wed, 30 December 2020 03:43 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1BE53A0EA0 for <dmarc@ietfa.amsl.com>; Tue, 29 Dec 2020 19:43:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hOr-ZZq2lwdM for <dmarc@ietfa.amsl.com>; Tue, 29 Dec 2020 19:43:07 -0800 (PST)
Received: from mail-vs1-xe2c.google.com (mail-vs1-xe2c.google.com [IPv6:2607:f8b0:4864:20::e2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 313623A0CE6 for <dmarc@ietf.org>; Tue, 29 Dec 2020 19:43:07 -0800 (PST)
Received: by mail-vs1-xe2c.google.com with SMTP id x4so8018102vsp.7 for <dmarc@ietf.org>; Tue, 29 Dec 2020 19:43:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ea+93L8LBDUxAHh7fUnsRZ+UgIFHJYjJB90Gf1IJnQI=; b=tWGEt9gU4K1GVoPqHvvM2Z07zhfgORpdRKMf4CU9Ti/JbLkuT4/p7DqyVQM/yRNaxb QIwsT5OQ9ukYvFAofJk97Lewq0zUa6mOok1Tj+2M87gkcUhUsrv79bRgjI6F5mdemfeU Xf7p3egB0xx7DCoCcXMKw+sRlg6Mm4CDL8lSJglXiDLwyzFg25kS9ah7IBYK3MoMlfPM mtd6hy6iGPY1sVUxQlobAI7JqklUz+5Qw8+9VJhBkQCleSWbNcHdfh8sCDzbmQyVl/OI tyIFfq5kYXQFxuk96exh3KBI9zwUxCL4CmvqNzLdi13k0VkpMCMVZ2cYh0vu0Tdla8sN CVkw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ea+93L8LBDUxAHh7fUnsRZ+UgIFHJYjJB90Gf1IJnQI=; b=I7t7n09gNp/khI2GylEqRsDi6rSHk+JRZ23hn+ydkI/MBE10O9MB8oVJg4znH5hl8k 5l8Ed/ROFZi9eJ7uyrdTru9ev9IkmGI73J8H+on7huGitjd4Silz2vsnHUOWcsZ16IO5 JDZqu0oQ8U6MB9tNO1Xr+n22P5vsixmhhCcHg29nvPetRmACd+qkO4ZrrXyK78gMCrV0 I2ziBT1cN2l6lThdiq0sv6ytZ8+uJEDxQIvOUTBQnF2Olap63g2isZj1vAVfIQk8fi0b umTGuX9MCofcnBwQm/8Pn8gQxQoOOTeV45U3Z4JKdZqepdam8uJPd4g0+VA7K0xIUrKD d2AA==
X-Gm-Message-State: AOAM530Sh0cDjUujo97OvhDjjgXoAgyVKkcJ6Kmy2uXy+1YauOEO8p1j wwlNyXE84qmz1/15yF4AF1RIKJbXwfoXsde8BJg=
X-Google-Smtp-Source: ABdhPJwTG2J+E0pADP89QKO7/KGIwFU9+VnDyj271s8Ai/VTvcZG7Y1fLNwssOhVu8RCbwUGeX0DjRsjAN7dkzhmeJk=
X-Received: by 2002:a67:507:: with SMTP id 7mr31881180vsf.42.1609299785391; Tue, 29 Dec 2020 19:43:05 -0800 (PST)
MIME-Version: 1.0
References: <9f6782b1-e85b-1a9c-9151-98feff7e18ea@mtcc.com> <CAHej_8m0OWsTt+tcSgUh+Fxu=HH_57nsb2O1Q_fgA2453ceh4g@mail.gmail.com> <140485eb-020f-4406-3f2f-e2c475ea51e5@mtcc.com> <CAHej_8mApfoF2ORgL+DoYTanrdhMjvT9H27kORwLKCQc1C9sRw@mail.gmail.com> <5588dbbe-b876-ed80-c80f-792380e3718f@mtcc.com> <CAHej_8=kW_t_JkOxUud1Uz8+PrbMh5CfwfxZK=mhe0wjW8wQpw@mail.gmail.com> <54dd9978-bcd1-6757-ad27-dcef6db6e5f7@mtcc.com> <CAHej_8kCi=7oqojDH_rbjn7kRg-PTDJWLgcKTGK9z-baUnKeMw@mail.gmail.com> <ef32de1e-d47e-1d0f-3cec-5994c7fdb7ae@mtcc.com> <CAH48ZfyxXz-2Wpwmzi+mW_KSS0aS06+yiEOk3YB_UrOKdcsQjA@mail.gmail.com> <CABuGu1raONsO8coqr6Kndtp65SpYGwinvUFWLGqpCUqPVutMpg@mail.gmail.com>
In-Reply-To: <CABuGu1raONsO8coqr6Kndtp65SpYGwinvUFWLGqpCUqPVutMpg@mail.gmail.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Tue, 29 Dec 2020 22:42:55 -0500
Message-ID: <CAH48ZfymLLUSwVrMjHp3sbPDcO7Z0w2_eJPLFRVG7kdNeEU+FQ@mail.gmail.com>
To: "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000ba2d005b7a64eab"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/9KSRi492SiVmac6A5qXA1Q1Bq24>
Subject: Re: [dmarc-ietf] auth-res vs. dmarc
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Dec 2020 03:43:09 -0000

Does it help if I agree with you that it should have been brought up?

To your implicit question, I did not bring it up because I was not involved
at the time.  On the other hand, that effort did not expect an A-R to be
used outside of one ADMD, so the need for source identification was not
obvious.

ARC introduces the idea that A-R data might be useful outside of a single
ADMD, so ARC is the opportunity to identify the data needed for this to be
workable.   ARC is still experimental, not standards-track.

DMARCbis has forced recognition that indirect messages require different
filtering algorithms than direct messages.  To create those algorithms, it
should be axiomatic that we need to be able to distinguish direct messages
from indirect messages.  Having done so, we need to extract the additional
information needed to apply a differentiated algorithm correctly.

I am simply an individual contributor trying to figure out how to use this
stuff to correctly filter incoming mail.  Show me how to correctly evaluate
a forwarded message without understanding state sequence, and I will be
happy to imitate someone else's success.

Doug Foster




On Tue, Dec 29, 2020, 9:50 PM Kurt Andersen (b) <kboth@drkurt.com> wrote:

> On Tue, Dec 29, 2020 at 5:31 PM Douglas Foster <
> dougfoster.emailstandards@gmail.com> wrote:
>
>>
>> DKIM, A-R, and ARC should all have a mandatory attribute indicating the
>> HELO name of the server applying the header, the IP Address of the previous
>> server which supplied the information being evaluated, or both.
>>
>
> With all due respect, it seems to me like this is something which should
> have been pointed out before this WG came to final consensus on 8601 (aka
> 7601bis). A-R and AAR were not designed to be fed into a determinative
> state machine.
>
> --Kurt
>

v2.23.0 | Report a Bug | By Email