Re: [dmarc-ietf] Ticket #28 - Failure report mail loops

John Levine <johnl@taugh.com> Mon, 07 December 2020 19:58 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B23EB3A0809 for <dmarc@ietfa.amsl.com>; Mon, 7 Dec 2020 11:58:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.851
X-Spam-Level:
X-Spam-Status: No, score=-1.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=Nqs8zeB4; dkim=pass (2048-bit key) header.d=taugh.com header.b=cHUhaKFa
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A-sUYuchway9 for <dmarc@ietfa.amsl.com>; Mon, 7 Dec 2020 11:58:23 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D5873A07B3 for <dmarc@ietf.org>; Mon, 7 Dec 2020 11:58:22 -0800 (PST)
Received: (qmail 3806 invoked from network); 7 Dec 2020 19:58:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=edc.5fce895d.k2012; bh=wd2guXw+Omey/MQ/xdVP+S3+vEo1bwkXMFwXs65uxhI=; b=Nqs8zeB4tx+WAd58TDl98wTkaiexy1vUbrVObeBJK/sOYEvc1XS67FIkVPZBuNV1FMqjiw6K45vcUGUKETpIuA3i3wQ5ymC9i9YQhB8Psc5cYpzULaq6UigpVrHm8DD0gcvhyaVzszZUqJI0fpMc9cTh+4DacKR2JOzWI8cKmclG2PajOJ9UyLIGZyOY9ecsYVmf4Hia0jYPmeahhMSf9z9UnJ8y4BFpdekXz5h2/nJFg+SKnkx0iF6d6GIVx5CbbPbeohaWT6m51PqZNYQruz7Wrsb9rxEFfCTzroTVR2+z7SAZk0ngEtlirswiqMzcBO93Z04sEvb0PeWwm7xjNA==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=edc.5fce895d.k2012; bh=wd2guXw+Omey/MQ/xdVP+S3+vEo1bwkXMFwXs65uxhI=; b=cHUhaKFaEQMUKpvML67cMBrw/PyUbdR7zdCRKS5xtDd8eeGFK4FYQxyIeeMxfXJDPQlHJAD1Km9FLVJdstJCJKQv1pt7lJ+63JZWu7wOnHqkSdVhAqN7VILxAXcZfi9FoIPIJkOYFpkA80OI++PrLQmiKRDlahLNE9yHmyu+ToIela7TDe4qE69gyIjrU4DLdkoDoojtxeXmC6bdunQucRbjuwh/1HLmJIfyP3UpoUkr/pcJeD9c3jSlJsT7ixAOy+Unw273nbQCIZmL9Ry6nkQWHoqn/VIBE0VtCPw9g476FUfOyp7SnN/yuzV7wM8FSQAUSeK64dUS7aj9UU1wSw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 07 Dec 2020 19:58:21 -0000
Received: by ary.qy (Postfix, from userid 501) id E471C2921A42; Mon, 7 Dec 2020 14:58:20 -0500 (EST)
Date: 7 Dec 2020 14:58:20 -0500
Message-Id: <20201207195820.E471C2921A42@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: dmarc@ietf.org
Cc: vesely@tana.it
In-Reply-To: <0408ae98-e1c1-71fe-fdd4-8bc7a7c151d3@tana.it>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/9UnepCR4M-C7nEqQDsQYdW7DjQQ>
Subject: Re: [dmarc-ietf] Ticket #28 - Failure report mail loops
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2020 19:58:25 -0000

In article <0408ae98-e1c1-71fe-fdd4-8bc7a7c151d3@tana.it> you write:
>We would like to close this ticket by Dec 18, two weeks from now, so please get 
>on it.
>
>The ticket originated from John's comment, in May 2019:
>
>     Apropos recent discussions, we could recommend that failure reports be
>     rate limited per recipient both to break loops and to deter indirect
>     mail bombing.

>4.  Some explicit loop prevention specification may be added.  For example:
>4.1.  send reports from a subdomain having a DMARC record without ruf=, or
>4.2.  never send failure reports about failed reports.

4.0.  Make your failure reports DMARC aligned.

Looking at the failure reports in my file, all of the messages
actually are aligned, so this is a solved problem.

Other than the the possibility of indirect mail bombing via failure
reports, which I believe has never happened, I don't understand what
problem we are trying to solve here.

Since the original comment was mine, I would suggest closing this one
as nothing to fix.