Re: [dmarc-ietf] Ticket #64 - Contained Data PII Concerns

Ken O'Driscoll <ken@wemonitoremail.com> Thu, 18 February 2021 15:31 UTC

Return-Path: <ken@wemonitoremail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 700C73A1379 for <dmarc@ietfa.amsl.com>; Thu, 18 Feb 2021 07:31:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=wemonitoremail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aSWZWtguen67 for <dmarc@ietfa.amsl.com>; Thu, 18 Feb 2021 07:31:02 -0800 (PST)
Received: from EUR03-DB5-obe.outbound.protection.outlook.com (mail-eopbgr40093.outbound.protection.outlook.com [40.107.4.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 50B433A1377 for <dmarc@ietf.org>; Thu, 18 Feb 2021 07:31:02 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GjZjMdB5AI82WIL0WlP3Cf2VQOobBXnKxGET4DGL0Yg8fGnw/QICk3dtLyEXFl/8mToKnPwyraxWK+vzC3AhqFbqRRSmCiJI6W+9FFd+ZFOs2u0q+zDKWhFxMAjYlE86RQ49mnCwFDDGfGfZPr399ApFeoIpOOf/PGH7Dw7TT1gAxUVLQo49OkSscJVrea8BD7Fpp/criVeMCvW+piPkaaK3ipMURzNZ48JWi9drKgR+DgZzvcW8b5q8mdj9vtv6Z7AGLqNXmlnSlPeDsOaRdeHmhVS/DvTCtEmGp/izDasZ9so/QkOwXeLcJpQhoUNPTLTtb31ZdDZ23EKu5sknaw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FSlp0FtxyGn6o79cujBWNwo99trYQjvtgG5Lgz1lHiA=; b=aSp5vYgiXaHg8/tVcBll3+/MtIJ74dYSIdS6CS3C3NNHDxYDxCsRKNrAVMM6m7JR9AB5lVo1PkFKWQGLp5ss3U/tLK/jxojBqGpgzBNj6TT7ZoFanKVhqMvfhGASrEq1icjjMw7CGyyahzlZd+L0Q/JTZE9khuS92qaocm8cxqr+k4iyNEP0ydD0Y9bJw5q2mgIU0fa1gZhg0KDwrF3Jaghf7ai6ancp2MG1fZXCnyduLs1y50pJvdtVWKb3iyfY+P60EujZh1uKZ6nt2Y3Stn+A4BzzGaxVVUmAlNkx6YwEpeFn06emM/njSeHE3DbuDC8cp8Z6M1TkEbHs4TUKTQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wemonitoremail.com; dmarc=pass action=none header.from=wemonitoremail.com; dkim=pass header.d=wemonitoremail.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemonitoremail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=FSlp0FtxyGn6o79cujBWNwo99trYQjvtgG5Lgz1lHiA=; b=ROu6GMI0Fele+sYC+BD8KSzepXRfZDRE1k7hSh9e2CqtiNv+AN111uU1zMzBdHJUP1iQS77hw9QW5hjNHREC67uaCnwRNKKBvdAAXV1PYSdfPYErd1k/D9ayCPHTvRc33dtCiSpz5xyAicMkm7YqLNjt3+z8eEemaNPeuDxw9HqYbjBuAI+LnW+BtZNVfikrjfWzSLxFCt1yk6dOcDOxAQrH74z2UlVPSDHuPbG4QWIIcqtD5cyi6DLZ7cJU4oHZZWqInVRHCcXJ3XqSeFAky2Uf7duoiVuEm3/Dlj20aSH9TF+hh4tukZu0m6lNVZciNSBEwDBEXJ3pF1I2ShsZgA==
Received: from VI1PR01MB7053.eurprd01.prod.exchangelabs.com (2603:10a6:800:19a::9) by VI1PR01MB6623.eurprd01.prod.exchangelabs.com (2603:10a6:800:183::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.27; Thu, 18 Feb 2021 15:30:59 +0000
Received: from VI1PR01MB7053.eurprd01.prod.exchangelabs.com ([fe80::9c69:59f:c073:bd9f]) by VI1PR01MB7053.eurprd01.prod.exchangelabs.com ([fe80::9c69:59f:c073:bd9f%7]) with mapi id 15.20.3846.039; Thu, 18 Feb 2021 15:30:59 +0000
From: Ken O'Driscoll <ken@wemonitoremail.com>
To: "dmarc@ietf.org" <dmarc@ietf.org>
CC: Douglas Foster <dougfoster.emailstandards@gmail.com>
Thread-Topic: [dmarc-ietf] Ticket #64 - Contained Data PII Concerns
Thread-Index: AdcBfLdYcAd1ycC0TvWJKBD11cOyegCIhNKAAG9eXXAABJQJQAALiTuAABrd4SA=
Date: Thu, 18 Feb 2021 15:30:58 +0000
Message-ID: <VI1PR01MB7053E1E0EDCE1FCA2B2B09A9C7859@VI1PR01MB7053.eurprd01.prod.exchangelabs.com>
References: <MN2PR11MB435185A171029EF4282A2BF4F78B9@MN2PR11MB4351.namprd11.prod.outlook.com> <7086a5e4-2a9c-bbdc-1969-f77d0d00fa38@tana.it> <MN2PR11MB435129E4F5DA8C8EC141E9E9F7869@MN2PR11MB4351.namprd11.prod.outlook.com> <VI1PR01MB70538541D7ADE18A555B05D6C7869@VI1PR01MB7053.eurprd01.prod.exchangelabs.com> <CAH48Zfy6oqHE8WfyOv2j57d-VhFXYBVqq_zvTTQtTnpCxo6V+g@mail.gmail.com>
In-Reply-To: <CAH48Zfy6oqHE8WfyOv2j57d-VhFXYBVqq_zvTTQtTnpCxo6V+g@mail.gmail.com>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=wemonitoremail.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 9fb70677-6321-4ee6-ca43-08d8d4223112
x-ms-traffictypediagnostic: VI1PR01MB6623:
x-microsoft-antispam-prvs: <VI1PR01MB6623A027D1F1C3E2D0487907C7859@VI1PR01MB6623.eurprd01.prod.exchangelabs.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: uh9UGZng5i2FdP9ayfwsq847f9pvy0audfTW38/StwN2H1WMAk/kLEdaY/pPXo80MQW/nzrR7y5ITTqA3I3GXImn2gQHPPuw6LuGeJ6x4yPGQP+WOxMWbE67hQVqyLIc1v/WMPPfdfmJRUdlIUxpP/vFw51rHTlGjWoubcS/YRjiqnFCjt1nKjYJzC4poQyZWTW4ce8SD9hm8x7uZ4GHxE3YvH8gX6E9hECGetL+upR3Gvux1iywrsdOcb/3D2Y0JplgatHxEv2JR0Xf+tArfKphqLiAE1eJntcP+dOgEJmVyBISjj26Xiy5iDZHh825h7324GCjZDppd09nPXQZXm4RRdRIDTktAst45l/V7N/doWUzAMm4vXxwMYII42yEWA66pPl8ZaHQ/5zZa+cZyzU9zpjAJJeZ0Pp2hUM6hglZKu1U7ViX3KLlhd22hFbb53O86LvO/l2BUWVHERpaySutQ4dqUSQpaXvGff6ZL7WRe7P3lcH3dYkC7k1b3u3m+Pz2WoKsMFjxZyyvRRSP4Nlhm10MCVSStL+dCbp+DZOSin/Tc6xhwLO+I+z84ncAWQBj1YNrkQwoC2ieDKkFGV8npoWrLymX8HImYGTY0kM=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR01MB7053.eurprd01.prod.exchangelabs.com; PTR:; CAT:NONE; SFS:(376002)(366004)(346002)(136003)(39830400003)(396003)(83380400001)(66946007)(52536014)(8936002)(66556008)(66476007)(8676002)(2906002)(5660300002)(86362001)(64756008)(66446008)(6916009)(4326008)(966005)(33656002)(7696005)(55016002)(186003)(9686003)(53546011)(71200400001)(6506007)(76116006)(478600001)(316002)(26005)(166002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?utf-8?B?SmNqM25Xazd1WFRmc1ZiZFlCcXhabTZtT2xUdG03Nlp6S0JDMTc5QjJ1VTIw?= =?utf-8?B?b3MzcHdCOTJPUkpXY1NmVm1BS2lUWUFpWlB2djRCeDBsWXd5RWhWeGMwTmtM?= =?utf-8?B?NENQc0FKN0tVTEJZSlJrL2NPaWhUc0hpdmpMS1pyREtEbmc1bzhmdGlRNFZR?= =?utf-8?B?NXhtL0w5RnVWamV3c01HWm93ZEI2UnNVREFVcUVTNHZleGs5ZE1QdDBlMWI3?= =?utf-8?B?SGo0Rk1ydnJRTGZjVCtBNUljdVk5aGNiMnlJbCtEZmdUQWFvOVdac1dHWGVE?= =?utf-8?B?MlJjSS9hUW5salZBZDFaV3d6akl1UnFHd1VlSE03aHJHUDJnelF6WjRwL2VJ?= =?utf-8?B?ZXpjNjNpcEMwMkxEeUxFTDQvSEF1SXJEUlNOajV1RUU2ZmszRWNXOW5xbXNw?= =?utf-8?B?NVFERlNPcVhtdWF0azhpL3BrM3Y5R3kvS1BudzZBZnJxcStkSlN6VnJneFdy?= =?utf-8?B?YkJKYy9MUUM2OXVKbzV4VXlIcjNRNGRLK3VYSExWSG04WUtyenB2bUsyZDBp?= =?utf-8?B?aG01Z3grSVRJL011eGlNaHJhTm5PNE1JRFRQaHJmQ2FERmk1Y0NENEFoVzBW?= =?utf-8?B?eld6TkhldTZhVHVJVi9SMTFsMlNMUk9LeDkzL0YzRkFHQlNnbjUwZ3hBcHBI?= =?utf-8?B?dGFoOG1kc2kwbmNWZjlNVk43RDhmSlhMV2JoRHFhWVlHa1BaYlFnMGN3dStM?= =?utf-8?B?NFNOSjl0a3I1cXkvQ0Z1b0lFN2cvWnk2cmRvRERDVTJINURLaDJNckpvZG1Q?= =?utf-8?B?SlRsRVlkM3Ziekkra2JTYjJPcldxNW5lTlJnTldZclNIbjFIM2FSTVh5Q2Rz?= =?utf-8?B?TVVHUmVicGZ2TTM0S2IrVXI0emZTK1lLV3dXZStvRnFJdkNMSjBZV0R5U00x?= =?utf-8?B?WVlpM1pMaEViMFNvVyt3SnpYUVFwazlCSFcydnBQODFaemIyQ2tnR0tnUW01?= =?utf-8?B?OWU2enBOUWJUWGNDZlNsczhUbVc5bkRHTjBWbnlSNHNvMmZsVnZIN2lreUFx?= =?utf-8?B?bW5KRWtEV2VtNUM3YlpRWTR4SnB4Z0puV2h3SWhScHJQTVM4THFvRXpPVms5?= =?utf-8?B?UCtzY3ByZUtkbGNRQ3ZDQWFPRlJ3c2JKYTFNV1o3UWR6a1hVMUcrNlhtcXQ5?= =?utf-8?B?MXZvZUpFREJIcXdYSnVXTGlXcDljNzVuM1cybXJ0dGErT2dSTWpkNEFmZkJs?= =?utf-8?B?YnFnV29BcnhEUnduTFhQL0lZTHhNWEhKRVFhRmRDdzRhUTlrNjM0WFNPam1P?= =?utf-8?B?b1RVdlIrQldPNGtlR0t6dTZUc0J6bHlDU0ZnMFlzQ0w1RjVaelR3cjJkVU9n?= =?utf-8?B?eVdjR21CdFpmZDlpRVdBV3JFbk8yZ3ZPSTdCaTJpM1RGVmFIbmFYVDAxOXNH?= =?utf-8?B?ZkdScmI1eTdhTFpsSktUY1dIN05HUmt4cUJLdU5rSUh6WG52Tk5OV3FjVkd3?= =?utf-8?B?dnRMRWdTaGxqWFNBZXh2WmtUV2lYeDkrSjZKNXM5bjkvaUZJbEZFNC8ybzh5?= =?utf-8?B?ZTRJU1hIcWxVTzhBbzBBdWZ0OHpEZFhrTExmNUhremhWQi83MXNua3NWNmVp?= =?utf-8?B?eXAyNnkyMk14bk5MMjJmQ2d4UDIvT2lEMHVjWE1BZzRWcWQvYm11TGFOcngw?= =?utf-8?B?NjFUczZ4MGVpK0F2NHNMQWcrYWI1Y3kxbzhLMUczUnlncTUxc242NDkyeVRs?= =?utf-8?B?elBLai9pei9MYmg4VVRDb0VsVVVBa3NJZS81Q3RyR21CeGlrSUpqZTFRbEw0?= =?utf-8?Q?f192qDsbjXe5gp7ak4=3D?=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_VI1PR01MB7053E1E0EDCE1FCA2B2B09A9C7859VI1PR01MB7053eurp_"
MIME-Version: 1.0
X-OriginatorOrg: wemonitoremail.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: VI1PR01MB7053.eurprd01.prod.exchangelabs.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 9fb70677-6321-4ee6-ca43-08d8d4223112
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2021 15:30:58.9709 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: a2b1d6fe-fc8b-4b7c-b9f1-d7b1ab3d23b3
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Ofh2+Dc+ZH9Wtc0CyIwQwqhniSWPm56xxS5kB3ORuqeL5R8bQrRlFY1yFJp5suZ/xnkymCcwDLk/YnShrxp+jA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR01MB6623
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ByJn72AkxG1nOP0RJ27EFbEWGEE>
Subject: Re: [dmarc-ietf] Ticket #64 - Contained Data PII Concerns
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Feb 2021 15:31:06 -0000

The concern is that PII is contained in the aggregate reports.

The machinations of the individual Information Governance functions that draw such conclusions or the decision making processes of individual organisations around those conclusions, is not relevant, and won’t help close this ticket.

Ken.

From: dmarc <dmarc-bounces@ietf.org> On Behalf Of Douglas Foster
Sent: Thursday 18 February 2021 02:21
To: IETF DMARC WG <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] Ticket #64 - Contained Data PII Concerns

It would help me if you could elaborate on the concerns that you have encountered.

Which data is sensitive and therefore needing classification?

Which roles creates the objection?   Server owner sending reports, recipient domain allowing the server owner to send reports from recipient data, or only report recipient?

When the report recipient domain delegates reception to an authorized agent, how does the organization making the delegation escape liability for how the information is handled and used?


On Wed, Feb 17, 2021 at 4:27 PM Ken O'Driscoll <ken=40wemonitoremail.com@dmarc.ietf.org<mailto:40wemonitoremail.com@dmarc.ietf.org>> wrote:

I PM deployments for organisations and the concept of aggregate reports have caused problem more than once. Similar to the PII concerns of providers which originated this ticket, these organisations operate in heavily a regulated industry and have extensive DPO functions. To give a flavour of what those concerns translate to - I have been asked is it possible to implement DMARC without using reports! I have also had con-calls about training a new hire to read and classify the reports! That's just two examples. It's mostly driven by overzealous DPOs but I understand their concerns on some level. When they realise that we can distil the report data and it doesn't need to be on-site, they hand wave away any custodian concerns and the project moves forward.

So, assuming that my DMARC clients aren't unique, I'm wondering if this section could be split into two parts, one for Mail Receivers and one for Domain Owners?

If so, for Domain Owners, I'd propose something like this:

Aggregate feedback reports are essential for the proper implementation and operation of DMARC. Domain Owners can choose to exclusively direct reports to a processor external to their organization. In such cases, the content of the reports are never sent directly to the Domain Owner.

Thoughts?

Ken.

> -----Original Message-----
> From: dmarc <dmarc-bounces@ietf.org<mailto:dmarc-bounces@ietf.org>> On Behalf Of Brotman, Alex
> Sent: Wednesday 17 February 2021 18:40
> To: Alessandro Vesely <vesely@tana.it<mailto:vesely@tana.it>>; dmarc@ietf.org<mailto:dmarc@ietf.org>
> Subject: Re: [dmarc-ietf] Ticket #64 - Contained Data PII Concerns
>
> Incorporating some feedback:
>
> -------------------
> ## Data Contained Within Reports (Tkt64)
>
> Within the reports is contained an aggregated body of anonymized data
> pertaining to the sending domain.  The data is meant to aid the report
> processors and domain holders in verifying sources of messages
> pertaining to the DMARC Identifier.  The data should not contain any
> identifying characteristics about individual senders or receivers.  An
> entity sending reports should not be concerned with the data contained
> as it does not contain personal information, such as email addresses or
> usernames. There are typically three situations where data is reported
> to the aggregate receivers: messages properly authenticated, messages
> that fail to authenticate as the domain, or messages utilizing the DMARC
> Identifier that have no authentication at all.  In each of these cases,
> there exists no identifying information for individuals, and all content
> within the reports should be related to SMTP servers sending messages
> posing as that domain.
> -------------------
>
>
> --
> Alex Brotman
> Sr. Engineer, Anti-Abuse & Messaging Policy Comcast
>
> > -----Original Message-----
> > From: dmarc <dmarc-bounces@ietf.org<mailto:dmarc-bounces@ietf.org>> On Behalf Of Alessandro Vesely
> > Sent: Monday, February 15, 2021 8:31 AM
> > To: dmarc@ietf.org<mailto:dmarc@ietf.org>
> > Subject: Re: [dmarc-ietf] Ticket #64 - Contained Data PII Concerns
> >
> > On Fri 12/Feb/2021 21:30:38 +0100 Brotman, Alex wrote:
> > > Hello folks,
> > >
> > > In ticket #64
> >
> (https://urldefense.com/v3/__https://trac.ietf.org/trac/dmarc/ticket/64_<https://urldefense.com/v3/__https:/trac.ietf.org/trac/dmarc/ticket/64_>
> _;!
> > !CQl3mcHX2A!W97hZ0-
> > iwRDi8wBssmRFF6OycVE12vM3xhGd9BmLhEzi6Vycp3bgzwji21xLQQgnnMRa
> > BuxGQg$ ), it was suggested that a Privacy Considerations section may
> > alleviate some concerns about the ownership of the data.  I created an
> > initial attempt, and thought to get some feedback.  I didn't think we
> > should go too far in depth, or raise corner cases.  Felt like doing so
> > could lead down a rabbit hole of trying to cover all cases. This would
> > go within a "Privacy Considerations" section.
> > >
> > > * Data Contained Within Reports (#64)
> > >
> > > Within the reports is contained an aggregated body of anonymized
> > > data pertaining to the sending domain.  The data is meant to aid the
> > > report processors and domain holders in verifying sources of
> > > messages pertaining to the 5322.From Domain.
> >
> >
> > I'd replace all those 5322.From Domain with main DMARC identifier.
> >
> >
> > > The data should not contain any identifying characteristics about
> > > individual senders or receivers.
> >
> >
> > The aggregated data refers to names and IP addresses of SMTP servers.
> > It cannot be used to identify individual users.
> >
> >
> > >  An entity
> > > sending reports should not be concerned with the data contained as
> > > it should not contain PII (NIST reference for PII definition), such
> > > as email
> > addresses or
> > > usernames.
> >
> >
> > I'd substitute /should not/does not/.  Even if a server has a unique
> > user, the domain name and the IP address are those of a public entity,
> > not those of a private citizen.
> >
> > The term Personally Identifiable Information (PII) is US-national.  I
> > think just personal information is of broader use.  Personal data is
> > also a valid alternative.
> >
> >
> > jm2c
> > Ale
> > --
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > dmarc mailing list
> > dmarc@ietf.org<mailto:dmarc@ietf.org>
> > https://urldefense.com/v3/__https://www.ietf.org/mailman/listinfo/dmar<https://urldefense.com/v3/__https:/www.ietf.org/mailman/listinfo/dmar>
> > c
> > __;!!CQl3mcHX2A!W97hZ0-
> > iwRDi8wBssmRFF6OycVE12vM3xhGd9BmLhEzi6Vycp3bgzwji21xLQQgnnMTF6
> > fzPKA$
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org<mailto:dmarc@ietf.org>
> https://www.ietf.org/mailman/listinfo/dmarc

_______________________________________________
dmarc mailing list
dmarc@ietf.org<mailto:dmarc@ietf.org>
https://www.ietf.org/mailman/listinfo/dmarc