Re: [dmarc-ietf] ARC vs reject

Alessandro Vesely <vesely@tana.it> Sun, 06 December 2020 13:35 UTC

To: dmarc@ietf.org
References: <20201205231059.2BA23290EDCD@ary.qy> <b437a23a-7e7e-f70d-04dc-49810d002c43@mtcc.com> <b6950472-599b-d0a7-c0d1-82db099fb99b@gmail.com> <7ae42764-176d-11a8-e084-b10b6f676944@mtcc.com> <cb526017-c198-44f1-7282-986e5a810d6a@gmail.com> <8142f18c-ac79-1f94-97d1-2704f0b4ceb6@mtcc.com> <CAH48ZfwHKoVZn9RdhBh-xU=he8=smB59R5EF1TYJ_0upEDHn2A@mail.gmail.com>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <e9e7d951-1eaa-b64e-25c4-11db22ca9db7@tana.it>
Date: Sun, 6 Dec 2020 14:35:49 +0100
In-Reply-To: <CAH48ZfwHKoVZn9RdhBh-xU=he8=smB59R5EF1TYJ_0upEDHn2A@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/DgF2oksHHbmQp3OpANgcOYS7UYU>
Subject: Re: [dmarc-ietf] ARC vs reject

On Sun 06/Dec/2020 02:20:47 +0100 Douglas Foster wrote:
> 4) On the future of ARC:   The idea is harmless, but I do not see it 
> achieving the list-industry goal of eliminating From rewrite.  It actually 
> reminds me of DKIM without DMARC - a technology looking for an algorithm to 
> which it can contribute.    Since nobody can articulate how a recipient uses 
> ARC information to reach an expected conclusion, something important is still 
> missing.    As I wrote in my last post, I think it fails to provide enough 
> information for a useful algorithm to be defined.    Even if that can be 
> solved, there are bigger problems.  We have no algorithm for a list to know if 
> a particular recipient uses ARC, or whether it will use the ARC information to 
> draw the desired conclusion about list messages.   Without those answers, 
> the list is doomed to continue From rewrite even when it would not be 
> necessary.   And much of this is about AOL in particular, and the currently 
> available information suggests that AOL is not on board with ARC.


I agree with the above analysis.

I'd add that ARC is most useful to large sites that develop a global reputation 
system, as ARC allows fine-tuning message attribution and thereby adjusting the 
very computation of reputation.  Conversely, small sites may have problems 
trusting the last hop's ARC data.  They can still seal forwarded mail, though.

As far as working around From: rewriting is concerned, given the premises 
quoted above, the only way is to reverse such rewriting upon final message 
delivery.


Best
Ale
--