IETF Logo Mail Archive

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

Douglas Foster <dougfoster.emailstandards@gmail.com> Thu, 22 June 2023 12:59 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6320FC136123 for <dmarc@ietfa.amsl.com>; Thu, 22 Jun 2023 05:59:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rTj_Abdwtl4x for <dmarc@ietfa.amsl.com>; Thu, 22 Jun 2023 05:59:41 -0700 (PDT)
Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 78BB8C135DE2 for <dmarc@ietf.org>; Thu, 22 Jun 2023 05:59:41 -0700 (PDT)
Received: by mail-lf1-x133.google.com with SMTP id 2adb3069b0e04-4f871c93a5fso6416527e87.2 for <dmarc@ietf.org>; Thu, 22 Jun 2023 05:59:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1687438779; x=1690030779; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=9VQL2wYbOcDDQ8+pynDZUdx0JB327u4Pvpch1fydRd4=; b=ehxpI6K1bn/qp0Wh4IKJo2oDI4Fej6/KI2iUcdiPsDPeYKf0eRU+OzOTipoZS08f0L rdziBcXZqhbe15ZrG47LoLDUWfcTtlcN4v6F/cry69oDVaxyBfNBTjSdJG36VKy4afIV d2IwK4RutJHKmsiZ+SOYcxGtXVb1jIFoW6B2la4XBKBsLOVnMvqnyv8GMhXmJLqWbjH5 rXXdSYl6XW85qECbRLWiRwVczKsnK8+/N9do4u9NB0J33oc2QAKe3X86Eyk29x8AhJVr 10JLaPiPg3C7OO2UH6WeVerDDfAfmOq11Z+1uT39o1tjRzMMfOhs2en76VQefDR70qG4 rWsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687438779; x=1690030779; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=9VQL2wYbOcDDQ8+pynDZUdx0JB327u4Pvpch1fydRd4=; b=Kf9sMpRD7MdCg4JneEF7YabvH9zIPG+Idso5h8pJmhhvSmj02apBBr8+hpvdneJoWa m1UITv2qUwjJkhDsIlMofVgxBwe+hkJbzrYPTkswppop/yf7fFbuRFzrkS6oDCKZupaR yDzTKMIVOLT9JP+R0WY19OTimNyb3NLSEED4tegpq3p1XQ86L7sL6FgJG+EFJKA4giDP oj+CM29sAoqJAERcfY6hTZG+u8E9U2yAEWnHm9KhjagCgNX7L2gVPniMKpm92tw+n2u/ 286Jm+CMhLZ8iqH9Fm9FenWI1ENBZpZeeGw6m2jD14sRrl0VKNLnl6tuvJPzZw9od9gT 7m/g==
X-Gm-Message-State: AC+VfDw09+j8sebIqFIAJIeRGoBYHDrJAtvQ6+VRDKaC+Tw7925z0Krb TS0RXm4JM7wOcPjTsHAZzhAF8EP/NaDWbFvg6bMyHIoA
X-Google-Smtp-Source: ACHHUZ7/aVdSovD01IYYtp9SPDmcLp+Mg3JZ42nIFEQ4SLpGkqcqxICmtpKSO7YGVnmze/6NAOfQBsj7lfeNUzcsrHQ=
X-Received: by 2002:a05:6512:b84:b0:4f9:5efd:f459 with SMTP id b4-20020a0565120b8400b004f95efdf459mr3134536lfv.9.1687438778953; Thu, 22 Jun 2023 05:59:38 -0700 (PDT)
MIME-Version: 1.0
References: <30BB83B2-B454-41B8-992B-8E2569802D9C@1und1.de> <D225D7FC-C570-4B63-A694-9F16DB1F33E1@kitterman.com> <CALaySJKwuOK-81dW2H9dtURxa5mLQDUNo+MWcs+Hho8N+yP9qg@mail.gmail.com> <2817813.dRqVH37e0G@localhost> <CALaySJJbPFBAV_7mZaARYWuMzuX+74r2Cm0jD+z92_iuFRn_MQ@mail.gmail.com> <25736.57534.195344.782189@fireball.acr.fi> <1ec42959-977a-9ce0-907a-83a5eb2b6ef2@tana.it> <25739.5435.550786.601699@fireball.acr.fi> <25739.33240.127804.524371@fireball.acr.fi> <5d9a0b0f-8777-2494-d779-376c6ab8b37d@tana.it> <xtudkqv5sqxs4c2nnilna5lf4b266br4xwdjwoq4fdyjpgzjln@xdb5rldfeini> <3087d0fa-91b4-62b4-fc64-a705c7f0b672@taugh.com> <CAHej_8=VnOC1Pms2JKJYG=2Dqtp2nc9oe-j=aEmNfvGuNhvzZA@mail.gmail.com> <a9505fda-ed21-1fc6-adb6-f231225a1ceb@tana.it> <CAHej_8nNGQR9Bm59dsu=XG7iBGyyW=SCh4=0cBM8NWodHyo6pQ@mail.gmail.com> <2de0ca2a-2c18-91ae-f306-38e70aaebf8e@inboxsys.com>
In-Reply-To: <2de0ca2a-2c18-91ae-f306-38e70aaebf8e@inboxsys.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Thu, 22 Jun 2023 08:59:27 -0400
Message-ID: <CAH48ZfwjMEwG=b7EsKkXQLzPgcysMLOj2QhZ7_8fs6uQ7zxXYQ@mail.gmail.com>
To: Sebastiaan de Vos <sebastiaan=40inboxsys.com@dmarc.ietf.org>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000fff33805feb77464"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/GWtkwa50S5TvkTyfF9Jjh1W6XO4>
Subject: Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Jun 2023 12:59:45 -0000

Right, but the messages often get sent anyway.   So the evaluator who
blocks the message as malicious impersonation is blocking incorrectly
because the fail result is unreliable.   If it only affects nuisance
advertising, the error may not matter to the evaluator.  But I think the
problem affects some messages that matter to the recipient.

Doug



On Thu, Jun 22, 2023, 7:46 AM Sebastiaan de Vos <sebastiaan=
40inboxsys.com@dmarc.ietf.org> wrote:

> If I don't know how to control the zone for the domain I want to send
> from, I can't authenticate my mail from that domain. Isn't that part of the
> purpose of DKIM in the first place?
> On 21.06.23 15:36, Todd Herr wrote:
>
> Maybe Marty knows who does control DNS, and Marty is good at cutting and
> pasting, and Marty can successfully communicate the request to the DNS
> people for wesellstuff.com
>
> --
>
> Sebastiaan de Vos
> Founder
>
> Tel: +43 680 200 22 95
> E-Mail: sebastiaan@inboxsys.com
> Website: http://inboxsys.com
>
> InboxSys Brochure <https://inboxsys.com/inb_files/2019/04/InboxSys.pdf>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email