Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

Alessandro Vesely <vesely@tana.it> Tue, 29 December 2020 09:59 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/GxGLO9w9hSaZ1ifNrxlS2RnXFZY>

On Mon 28/Dec/2020 22:20:55 +0100 Todd Herr wrote:
> 
> DMARC validation failures can be caused either due to legitimate mail
> (i.e., mail originated by or on behalf of the publisher of the DMARC
> policy, a.k.a., the domain owner) failing authentication checks due to a
> shortcoming in the authentication practices of the domain owner or some
> other hiccup that occurs in transit, OR by illegitimate mail (i.e., mail
> not originated by or on behalf of the domain owner, so mail intended to
> fraudulently impersonate the domain), specifically the kind of mail that
> DMARC is purported to be designed to stop.


That kind of analysis seems to be missing from the draft.  After some years of
experience, we should be able to provide some, I'd hope.  If not, we'd better
bluntly drop the draft.

Personally, I used to receive a few of them.  None at all now.  The only
mention I recall about failure reports was an old article, by Terry Zink IIRC,
where he said they're key for telling abusers from legit operators needing
realignment.  I don't recall why that info couldn't be derived from the source
IPs though.


Best
Ale
--