[dmarc-ietf] DMARC PSD and non-existent subdomains

Richard C <Richard.C@ncsc.gov.uk> Thu, 30 May 2019 16:06 UTC

From: Richard C <Richard.C@ncsc.gov.uk>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Date: Thu, 30 May 2019 16:06:18 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Yag-9M2a4fXGkDe8CFx75Fk3bfs>
Subject: [dmarc-ietf] DMARC PSD and non-existent subdomains

Hello

At the National Cyber Security Centre in the UK we're supportive of the PSD DMARC initiative. However, we currently have one problem that would hamper its applicability to our use case: We essentially have the need to express different subdomain policies to existing and non-existing domains. In our case for the gov.uk PSD we'd like to be able to set a 'reject' policy for non-existent subdomains to prevent delivery of email from them whilst not interfering with authentication of email for the legitimate subdomains.

Why? Well, whilst we have a programme of work to get domain owners under gov.uk to implement DMARC and other standards, it will take some of them time, and we don't want to inadvertently break mail delivery for the organisations that have e.g. implemented SPF but not DMARC. But on the flipside, we also know that non-existent domains under gov.uk are being spoofed for phishing, so we want to publish a policy of 'reject' on those and receive reporting about them.

What would be the best way to incorporate this requirement?

Thanks in advance


Richard Crowther, NCSC

This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk
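
Added example, not part of the original message: a receiver-side sketch of the requirement described above, assuming the `np` (non-existent subdomain policy) tag that RFC 9091 later defined for PSD DMARC. The zone data, the `dept-a`, `dept-b` and `no-such-dept` names, the reporting address and the helper functions are constructed for illustration; the organisational-domain step is simplified to one label below the PSD.

```python
# Constructed zone data standing in for DNS; no network lookups are made.
ZONE = {
    ("_dmarc.gov.uk", "TXT"): ["v=DMARC1; p=none; sp=none; np=reject; rua=mailto:psd-reports@example.org"],
    ("dept-a.gov.uk", "MX"): ["10 mail.dept-a.gov.uk"],           # exists, SPF only, no DMARC yet
    ("dept-a.gov.uk", "TXT"): ["v=spf1 mx -all"],
    ("dept-b.gov.uk", "A"): ["192.0.2.10"],                       # exists, publishes its own DMARC
    ("_dmarc.dept-b.gov.uk", "TXT"): ["v=DMARC1; p=quarantine"],
}
PSD = "gov.uk"  # assumption: the receiver knows this PSD publishes a DMARC record


def lookup(name, rtype):
    return ZONE.get((name.lower(), rtype), [])


def dmarc_record(domain):
    """Return the DMARC tags published at _dmarc.<domain>, or None."""
    for txt in lookup("_dmarc." + domain, "TXT"):
        if txt.startswith("v=DMARC1"):
            pairs = (p.split("=", 1) for p in txt.split(";") if "=" in p)
            return {k.strip(): v.strip() for k, v in pairs}
    return None


def domain_exists(domain):
    # Non-existent: NXDOMAIN or NODATA for all of A, AAAA and MX.
    return any(lookup(domain, t) for t in ("A", "AAAA", "MX"))


def org_domain(domain):
    # Simplification: organisational domain = one label below the PSD.
    labels = domain.lower().split(".")
    return ".".join(labels[-(len(PSD.split(".")) + 1):])


def policy_for(from_domain):
    """Return (policy, record_owner) for mail that fails authentication."""
    from_domain = from_domain.lower()
    for d in dict.fromkeys([from_domain, org_domain(from_domain)]):
        rec = dmarc_record(d)
        if rec:  # the domain's own record always wins over the PSD record
            return (rec["p"] if d == from_domain else rec.get("sp", rec["p"])), d
    psd = dmarc_record(PSD)
    if psd is None:
        return "none", None
    if not domain_exists(from_domain) and "np" in psd:
        return psd["np"], PSD          # spoofed, non-existent name: reject
    return psd.get("sp", psd["p"]), PSD  # real subdomain without DMARC: untouched
```

With this record, `dept-a.gov.uk` (SPF but no DMARC) falls through to `sp=none`, while `no-such-dept.gov.uk` gets `reject`; the `rua` address receives reports for both.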