IETF Logo Mail Archive

Re: [dmarc-ietf] Call for Adoption: DMARC Use of the RFC5322.Sender Header Field

Jesse Thompson <jesse.thompson@wisc.edu> Tue, 06 October 2020 00:21 UTC

Return-Path: <jesse.thompson@wisc.edu>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CF4F3A142A for <dmarc@ietfa.amsl.com>; Mon, 5 Oct 2020 17:21:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.312
X-Spam-Level:
X-Spam-Status: No, score=-2.312 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.213, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wisc.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HxZ8e17Wre3B for <dmarc@ietfa.amsl.com>; Mon, 5 Oct 2020 17:21:36 -0700 (PDT)
Received: from wmauth1.doit.wisc.edu (wmauth1.doit.wisc.edu [144.92.197.141]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AEB943A1427 for <dmarc@ietf.org>; Mon, 5 Oct 2020 17:21:36 -0700 (PDT)
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-bl2nam02lp2055.outbound.protection.outlook.com [104.47.38.55]) by smtpauth1.wiscmail.wisc.edu (Oracle Communications Messaging Server 8.0.2.4.20190812 64bit (built Aug 12 2019)) with ESMTPS id <0QHR00KIQ6KG7N40@smtpauth1.wiscmail.wisc.edu> for dmarc@ietf.org; Mon, 05 Oct 2020 18:57:53 -0500 (CDT)
X-Wisc-Env-From-B64: amVzc2UudGhvbXBzb25Ad2lzYy5lZHU=
X-Spam-PmxInfo: Server=avs-1, Version=6.4.7.2805085, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.10.5.235418, AntiVirus-Engine: 5.77.0, AntiVirus-Data: 2020.9.22.5770001, SenderIP=[104.47.38.55]
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Zl7hp+R+FJkSisBZ4Pw0NmTyG9X2XxXz+55mxQOMi7X4C55aTRlZH+Z/dbdHVsTvXfGD5VH7se3A0eFomGK9hjdKFbGtlK3qlDpbTf4ZQO7ft6IRCbIsTJub6N4gOXMJ0m9AMEAZP6sjikIoVOoUN1a2Y73hFTNq0MaXCW2RepYavq9+uWv3gM6SWAlYEPkbkWoMz6QTeG8DR2JSIPgcEpOaeBcAXlT4HgLHPsgvjSwB+gZsxFT/eFn8A0Uz3KWqE4ywtHqDoLGVLG5e0NM9uNwU7yNvKg2GqzFhnM4q4lEhcPgS4h+2ZO1RKpYfJmJCEHSD5CFPeL7SHEP4YoxPOw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Oh4mQjthNiAQD0uBVI0uf3vFf0GyYCKdvZzdeOXO7J0=; b=euYeQdsN8QqN6aQl+X5nLHd+drb8qSV1QkyNB0SkqiDDqzkTFPDFYt2U4lswfOHuI0sKxM1KVMpXY3XEy8YbxdvBSc64CWE8uK5sJk9EtS0mSkmYB4cDIoEpg8Lk5aCKT2Ltka7TAJIDqmZ3G541nVz5dA2OPBpAs6RJEdfgZ8L8hAm+nGRgUZpeIIPLSNOaNl95vEff2fyStmCl5FL5JomB+fRd7O2aEdLo+ZHbuySZwRPYnH11KnX93PVy9qDcEZoCOxm7tGEYR9AEc0jg8m23KbV1u7oKg4vx9weFyF//oLzKB8oVOlq/JlCufJG+F5uT6t3aH8plHVWFS8GN8A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wisc.edu; dmarc=pass action=none header.from=wisc.edu; dkim=pass header.d=wisc.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wisc.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Oh4mQjthNiAQD0uBVI0uf3vFf0GyYCKdvZzdeOXO7J0=; b=hEhyR0uHJj8aYPIUSeEi1lIk3qwBN4eD+n9GZYKs2jzXkprQeUcWdnyiNekyiHKNgBKO/o9OKnjucdU/7pYDKpazEoTanNGtt0lMKslrUlPdBQ62x/cfLInRVN1zup1ZQbN3LwInf2RUl58VSkGVGRDBcBEconTK0J0cpa5qtE8=
Received: from DM5PR0601MB3671.namprd06.prod.outlook.com (2603:10b6:4:7b::16) by DM6PR06MB5066.namprd06.prod.outlook.com (2603:10b6:5:59::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3433.42; Mon, 5 Oct 2020 23:57:50 +0000
Received: from DM5PR0601MB3671.namprd06.prod.outlook.com ([fe80::3140:5114:c860:9a7b]) by DM5PR0601MB3671.namprd06.prod.outlook.com ([fe80::3140:5114:c860:9a7b%5]) with mapi id 15.20.3433.044; Mon, 5 Oct 2020 23:57:50 +0000
To: dmarc@ietf.org
References: <20200927171611.838B321D9BAD@ary.qy> <5069099.lO0Lvmlme3@zini-1880> <CABuGu1oSshRN20twB6w1r6bnDDt8sunkPG9JY=V8Nme1Y5hVUg@mail.gmail.com>
From: Jesse Thompson <jesse.thompson@wisc.edu>
Message-id: <c46003a4-1200-e9f4-4608-c1edf3717238@wisc.edu>
Date: Mon, 05 Oct 2020 18:57:48 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.3.1
In-reply-to: <CABuGu1oSshRN20twB6w1r6bnDDt8sunkPG9JY=V8Nme1Y5hVUg@mail.gmail.com>
Content-type: text/plain; charset="utf-8"
Content-language: en-US
Content-transfer-encoding: 8bit
X-Originating-IP: [47.12.96.133]
X-ClientProxiedBy: CH2PR04CA0020.namprd04.prod.outlook.com (2603:10b6:610:52::30) To DM5PR0601MB3671.namprd06.prod.outlook.com (2603:10b6:4:7b::16)
MIME-version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [10.0.2.111] (47.12.96.133) by CH2PR04CA0020.namprd04.prod.outlook.com (2603:10b6:610:52::30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3433.38 via Frontend Transport; Mon, 5 Oct 2020 23:57:50 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: f3bec13b-8009-4277-e87d-08d8698a778c
X-MS-TrafficTypeDiagnostic: DM6PR06MB5066:
X-Microsoft-Antispam-PRVS: <DM6PR06MB5066E4249421DA6446FBF6B3F60C0@DM6PR06MB5066.namprd06.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: duzyV01Rsw2BLJdjVAzy+32R8y+tCA1MdiTMVVZ5JBax56Dje8S7g+bIfiHo5RV6Fw1XGUOr5IRxhfJLtV//DIbbb9K2p1Nyc+vMl3sXa0yFuE0Ahc73Y/yX7jgM7vuvsOGAnweWdga4yX16iD6U0NfWJc9TKIBdur1zzC1bB9uZf+oju/0JunsPfOaBIsg0KKphoR9qkFqPhcWzReiGst4R1l2TSPUZUsD0tA9eu7gBEeRNg6XNqh8i/tGr9dTOys1hIZ2UgHL0LXJY7x7PQ+0Gi6MYRA/BncPFnhzNID1kf1a0bslm8axBWeOx8CtPM057nbuMZzNUj7notj2OTQWCrPNyH0kJvjF5/J+yE7oq6ZRyzyqnjNTeIHK8nAMz
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM5PR0601MB3671.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(346002)(376002)(366004)(136003)(39860400002)(396003)(66476007)(66556008)(8676002)(6486002)(86362001)(5660300002)(31686004)(316002)(16576012)(956004)(66946007)(786003)(26005)(2616005)(83380400001)(75432002)(8936002)(478600001)(44832011)(36756003)(53546011)(186003)(16526019)(31696002)(2906002)(6916009)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 2ZLS/wYpETTBUNnEEGpe39WfTxJM5vtzk8Khs3M8B3XPbEoQZJQtRRvy0U22rg3GqfC96g72965zW/e3v+Aw7Co/ZdwH6pdMMdPBTsmmgE6lhFT33eztNdPS4f3eI4loMFpGqRUka77lX/H2GFdVQeAszX3CovMscaw44x1C4IS2mgCA7VB1lFduJszmjisUgHRA3rYF+xvBmGG7xiNpWjx9cXr2KNDuNeEBI5xlsqXW4Q5Znrofm4kC4YisIB+92I7+fQxjkUEFPAP06Azfa8Kz+LdGFl+wsyUTVsw/jJNttGWnsRB6+Kz5BToX5D78k4QxPp8qA0IDmvvE9af4wng/3NIIOD+B9iEsTcsKTZnUrLzViqcwFfgOd9mPyal9p0jmdWDCf8ifS1zsY77ylqj0scmas64P9XZ5zxv3XoR+7Y/EdyxzhkWn7abCSCKK9JjphA2OJRQOtR3opjZnAKkFBxmXTXtNYm90P8g0upxNrTihYXOTh60IPcItMGo8EE5AAM2+xNtUWwyHLLapUrUV5bJJeIHsyhneYe4VH7pB9ZCVyWWaYtvIFhgPdgt8lxSvZIKcHdUkiQgzfs2HYPwtJaaVuYw0XRA8mdEpFMzme9jy0Py9+Xs35XttC8G3BXDv+0YtOw939IV1h2FB5w==
X-OriginatorOrg: wisc.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: f3bec13b-8009-4277-e87d-08d8698a778c
X-MS-Exchange-CrossTenant-AuthSource: DM5PR0601MB3671.namprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Oct 2020 23:57:50.6890 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 2ca68321-0eda-4908-88b2-424a8cb4b0f9
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: Y7mwyxC8PEglraDCKMBfGkbH9OH20Org9QdWluTNMpIZkUcHvPTII38ol3GUsLI/AsIhdBkeK8Nhyt6TbB12yg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR06MB5066
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/HxSh4L3jm2NfI1EL8d4yoKID398>
Subject: Re: [dmarc-ietf] Call for Adoption: DMARC Use of the RFC5322.Sender Header Field
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Oct 2020 00:21:38 -0000

On 9/28/20 10:35 AM, Kurt Andersen (b) wrote:
> On Sun, Sep 27, 2020 at 11:23 AM Scott Kitterman <sklist@kitterman.com <mailto:sklist@kitterman.com>> wrote:
> 
>     On Sunday, September 27, 2020 1:16:11 PM EDT John Levine wrote:
> 
>     Agreed.  Maybe it would help if someone who takes the latter view would
>     explain what they think RFC 7489, Section 6.6.2, Step 6 is for:
> 
>     >    6.  Apply policy.  Emails that fail the DMARC mechanism check are
>     >        disposed of in accordance with the discovered DMARC policy of the
>     >        Domain Owner.  See Section 6.3 for details.
> 
>     I don't think that says "then toss the results into your classifier".
> 
> 
> You completely ignored section 6.7 (Policy Enforcement Considerations) which states:
> 
>> Final disposition of a message is always a matter of local policy.
> 
> Local policy could be considered "the output of some classifier" or other mechanics left to the invention of the receiver.
> 
> This is a part of the documented DMARC spec, not a change.

Reading this thread, it comes to my mind that the "fundamental disconnect" that John raises is partly caused by an externalized factor: the shift to cloud mailbox hosting.  The roles, responsibilities, and assumptions have changed.

The receiver, who is now a customer of an ISP, does not have the ability to "invent mechanics" because the tools aren't provided by the ISP.  The ISP, of course, has a good reason to K.I.S.S. for support.  

It means that the ISP takes over responsibility for local policy mechanics to a greater extent.  Falling short of providing their customers a platform to invent mechanics the ISP will just implement the none|reject|quarantine mechanics and say they "support DMARC".

Even if the ISP has proprietary local policy mechanics that they apply to all of their customers' inbound mail, they aren't likely to document it in great detail or offer many exemptions.  It's a black box.

e.g. I find it hard to imagine that an ISP would have the willingness to exempt a boutique MLM for all of their customers, so ARC, in and of itself, doesn't really help MLMs move away from From munging.  Does it make sense to suggest that in order for ARC to succeed, then ISPs need to offer a way for their customers to define their trusted intermediaries?  What if the ISP chooses not to offer that?  Do they "support ARC" in a meaningful way?

For the "filtering signal" viewpoint to succeed, I would ask: is there a need to define some local policy mechanics into the spec so that the ISP can be held to account by customers to "fully support DMARC".  If the ISP offers no adequate mechanics to do signal filtering, then that ISP's hosted receivers cannot realistically support DMARC based on the assumption baked into DMARC that receivers can and will implement override mechanics.

The roles have changed, which has diluted the "filtering signal's" value mostly to the ISPs, and the benefit to receivers is metered by the extent to which the ISPs are willing to build a platform for their customers to invent mechanics.  

If the shift to cloud is incompatible with "filtering signal" mechanics for local policy overrides, is DMARC's only value left to receivers "what users see" and the simplistic none|quarantine|fail mechanics, as defined?

Jesse

v2.23.0 | Report a Bug | By Email