Re: [dmarc-ietf] Forensic report loops are a problem
John R Levine <johnl@taugh.com> Thu, 28 January 2021 03:08 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 678693A1189 for <dmarc@ietfa.amsl.com>; Wed, 27 Jan 2021 19:08:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=gL+xcm0j; dkim=pass (2048-bit key) header.d=taugh.com header.b=D3OZdQk2
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FYoMA1EGN2ZP for <dmarc@ietfa.amsl.com>; Wed, 27 Jan 2021 19:08:42 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D5463A1188 for <dmarc@ietf.org>; Wed, 27 Jan 2021 19:08:41 -0800 (PST)
Received: (qmail 37418 invoked from network); 28 Jan 2021 03:08:40 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=9228.60122ab8.k2101; bh=KJbhMnH3rvjA2TUh4ja+GVQ7P+FXIxVOLbIRu5Bp9pk=; b=gL+xcm0jy4EaYKT1OaRpZLXwb+e44FPpAax9n4S5DaHDIzLMTc9376PO5eyo6S+izYsJoL5+2u5/TbYhxgGKSBSYIxbkUHLZDa5F8Fv/cXuR3IHEA0GecIMzm1srXLJxjNamVoqgiNd2NsSjbA1CfzUnkmcyFtSPrXtYNN1U1aOxd2qOnrrGGzGVkNq8TX4bD66iIpKLZQMF1oOM0QV4iafU6852INhjIFeN2PobZiY7N7QYt330oN6l5d2zUq2l90UhIgjlTP4qynQO6e0mlxImW+pN5p840vk9ryzlxO/3wLAZdWH97iYPNJQIkQXAya/TKUPnkAuG41AsyUTtqg==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=9228.60122ab8.k2101; bh=KJbhMnH3rvjA2TUh4ja+GVQ7P+FXIxVOLbIRu5Bp9pk=; b=D3OZdQk2AtRPfV/nywofr1D7IK2cDDCKYgm9AbllOHqMgiLS120TqmQVY/cMXe7kcQL+S/0c/+F4WQ+OY5uDqI5dni2J25dro4rYs3A42SRqVEwEyOeW5GMW6lA6z7tCjeQLrNmaEEY81/kmqLr/5rT1vWXg6z5XuqRbe8ENrRAecPANvMut88bpQzeoJhI5SREaZ2FJcVIBn5Hy3iWhXOftoy7CfUoEuBe1eSkDxsNIo67UR2usfb4HgL3mdgLN26xlzlM8MsCAgRmh+2lPIe58v0TpLQjFj2xRzG3pD/Zcy0Ha6WYgiyuYTPnMf9YH/6cnb7SXgYOHlR1n/US5Sg==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 28 Jan 2021 03:08:40 -0000
Received: by ary.qy (Postfix, from userid 501) id DEE576CDE11E; Wed, 27 Jan 2021 22:08:39 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 4DF476CDE100; Wed, 27 Jan 2021 22:08:39 -0500 (EST)
Date: Wed, 27 Jan 2021 22:08:39 -0500
Message-ID: <526bf4d5-5a7d-5a91-b965-36ffeab933f7@taugh.com>
From: John R Levine <johnl@taugh.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
In-Reply-To: <CAL0qLwbN+HkGfvw79rPPvqL6jWWAsUtWY9X1gW=vAvoeQS8RHg@mail.gmail.com>
References: <CAL0qLwY5BbwvS9XXqBk=Mp074ntN=NeS97pJAxPBdQEZAsgohg@mail.gmail.com> <20210127203714.007C86CDB9CA@ary.qy> <CAL0qLwbN+HkGfvw79rPPvqL6jWWAsUtWY9X1gW=vAvoeQS8RHg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="US-ASCII"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/EkM2xtWHjpS62uOTDZ7bYPoobic>
Subject: Re: [dmarc-ietf] Forensic report loops are a problem
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Jan 2021 03:08:44 -0000
On Wed, 27 Jan 2021, Murray S. Kucherawy wrote: >> I still don't understand why failure reports about messages that happen >> to be failure reports are in any way special. > > Loop detection in RFC 5321 is a normative MUST because of the obvious > operational problems it creates. Maybe I'm being thick, but right now I > don't see how this is different, apart from the fact that each message is > distinct; ... Here's perhaps another way to look at it. Imagine that I am a semi-competent mail server operator. I hear that DMARC is great stuff and I set up DMARC software on my server including sending and processing reports. Unfortunately, my l33t coding skillz aren't quite up to it, and my failure reports are all unaligned. Also, I'm not very good at reading specs and my reports aren't in the right format either. (Not making this up, I have lots of failure reports that are not multipart/report.) Oh, no! People are sending me failure reports about my failure reports! Make it stop! Which of these should we do: A) Everyone in the world who produces failure reports adds special cases to look for incoming failure reports, and heuristics to try and recognize failure reports in the wrong format, and when it finds one of them, it makes a note not to send a failure report about it. B) Someone slaps me upside the head and I fix my SPF record so my reports are sent correctly. This does not strike me as a hard problem. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly
- [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Steven M Jones
- Re: [dmarc-ietf] Forensic report loops Juri Haberland
- Re: [dmarc-ietf] Forensic report loops Дилян Палаузов
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops John Levine
- Re: [dmarc-ietf] Forensic report loops Kurt Andersen (b)
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Douglas Foster
- Re: [dmarc-ietf] Forensic report loops Дилян Палаузов
- Re: [dmarc-ietf] Forensic report loops are not a … John Levine
- Re: [dmarc-ietf] Forensic report loops are not a … Douglas Foster
- Re: [dmarc-ietf] Forensic report loops are not a … Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are not a … John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Juri Haberland
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Steven M Jones
- Re: [dmarc-ietf] Forensic report loops are a prob… Steven M Jones
- Re: [dmarc-ietf] Forensic report loops are a prob… Douglas Foster
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] report floods, not Forensic repo… John R Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Douglas Foster
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Dotzero
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Dotzero
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… John R Levine
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Douglas Foster
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Seth Blank
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Alessandro Vesely
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John R Levine