IETF Logo Mail Archive

Re: [dmarc-ietf] Abolishing DMARC policy quarantine

"Murray S. Kucherawy" <superuser@gmail.com> Wed, 24 July 2019 15:27 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 59BCC120361 for <dmarc@ietfa.amsl.com>; Wed, 24 Jul 2019 08:27:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.997
X-Spam-Level:
X-Spam-Status: No, score=-0.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNptYx0C46OH for <dmarc@ietfa.amsl.com>; Wed, 24 Jul 2019 08:27:34 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59EE61203CB for <dmarc@ietf.org>; Wed, 24 Jul 2019 08:27:27 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id t28so44913278lje.9 for <dmarc@ietf.org>; Wed, 24 Jul 2019 08:27:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=xwESM25LVu82mztfmFiYvDSG7FVPPXeUpKnRfi2Bl/s=; b=ZXS7MNj3ZQC+8gHCiv0b8wHN8HVdx7SgUUU2sUfqijOvZmWh1FUIC/qb6cBIB9SSuF Z+FTFe7OqhACk6A7MvBn9GpFwFJXJSJbZiuCZukV3EgwQcITKU9nTRyUupyfpTaW6IZG zPYhMdd4oh7iCVTrtj77FzACHkL0sN/FLHq9k7AY0RudX4zEVm5yiC+/0mYz/wb0uoGS Bnkfx1PML4c/nfJEr6/UAgKAyvNCiNEIQdjZXsuQjacUvR7XCc6U0uHSAJEIiHDvr5hA n4WeGOga1QOw73/X+u8pAnlXPtcaLlfueOwbbRe+/8+2LkYipXpPVuYBqIH1a2PcC2oe iz4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xwESM25LVu82mztfmFiYvDSG7FVPPXeUpKnRfi2Bl/s=; b=HLDxdhsgUvjCGMB3gcZBiZ4Lb5ciDiSA+l/EI03LD16iNc+WXuONeIyYpTeasQDhW1 pKZp+X3KuaIoh+5Y00/6CPWeqntTzoJiWaLQ6b1UGmMeUHvQYwA0jlfbQO/U3cl+QADb 9AeQbWd98bvn5UYx2P+TUA/REW5rKob8XsFNAO9gKU/w+mMtiHb/dB/rcq2RmTlm21tP g7k1Ic7Hv/mq8BGVpEny3LGySGSvf+/eDgYl/ReNZqRbDgtZkXSD7XedmWMDvu9CRKxw aAiuc1oGTUhybVve/MtkE4lCJXbJM94EwcTsRMxEoxQxhMIt3TZiK/D//RlDCXob4bDl tKKA==
X-Gm-Message-State: APjAAAXt+8VRRKSgpqZ/EdX64+hVOcQlQ+KHqkrY8py6qYcP7BtVtnjG imSENXB2Fdb5ge9Y9LmSei7UUUAWzTkUCuUC07Q=
X-Google-Smtp-Source: APXvYqzG4OUhKG8x+hhlQAsf+KfoQT9Fv3FN8Xg59Sz/OFbzwBhj3dqnXlwNfx7ke/zlkzSlnEq3ICD6XFiNQ106bQE=
X-Received: by 2002:a2e:9a19:: with SMTP id o25mr43561940lji.63.1563982045422; Wed, 24 Jul 2019 08:27:25 -0700 (PDT)
MIME-Version: 1.0
References: <a8ac130a671f5bcd1bf9f09781325e84a9f1fda6.camel@aegee.org> <b903c983-5c65-5b17-62bf-9ff42ffdbaaa@corp.mail.ru> <CAJ4XoYeJRcGfO7LntM6LBeJ5rMOcb0D=ya31Rm8utoWTqE7oXQ@mail.gmail.com> <0295aa1e-733a-b3ae-14cb-edcb2050d6af@corp.mail.ru>
In-Reply-To: <0295aa1e-733a-b3ae-14cb-edcb2050d6af@corp.mail.ru>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Wed, 24 Jul 2019 11:27:13 -0400
Message-ID: <CAL0qLwYYEMofia2S4a8oXsf02fnJg7y+DovvMWZENUW+4yUyiw@mail.gmail.com>
To: Vladimir Dubrovin <dubrovin=40corp.mail.ru@dmarc.ietf.org>
Cc: Dotzero <dotzero@gmail.com>, IETF DMARC WG <dmarc@ietf.org>, Дилян Палаузов <dilyan.palauzov@aegee.org>
Content-Type: multipart/alternative; boundary="00000000000040a8d7058e6ef290"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/IRNny0LwkNkq1nBfPrlmgLSPgIg>
Subject: Re: [dmarc-ietf] Abolishing DMARC policy quarantine
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jul 2019 15:27:35 -0000

On Fri, Jun 14, 2019 at 12:25 PM Vladimir Dubrovin <dubrovin=
40corp.mail.ru@dmarc.ietf.org> wrote:

> Nope, I mean 2 different things.
>
> 1. Why quarantine is useful (with pct=0).
>
> For example this mailing list (dmarc@ietf.org) performs From rewrite (aka
> From munging), e.g. dubrovin@corp.mail.ru is replaced with
> dubrovin=40corp.mail.ru@dmarc.ietf.org. It's because corp.mail.ru has a
> strict DMARC policy (reject). dotzero@gmail.com is not overwritten,
> because gmail.com has p=none and ietf.org only overwrites From only for
> domains with "quarantine" and "reject" policies. It's quite common behavior.
>
> If you are implementing DMARC for a new domain (let's say example.org),
> you usually start with "p=none". With p=none you receive reports for failed
> DMARC for different lists, like ietf.org. Before switching to stronger
> policy (p=reject), you may want to know which mailing list will still fail
> DMARC, and which lists perform From munging and, as a result, do not fail
> DMARC. For this purpose, before switching to "p=reject" it's useful to
> switch to "p=quarantine;pct=0". After this, you will only see mailing lists
> without From munging in DMARC reports.
>

I'm confused; is this claiming that those rewrites happen by virtue of the
fact that "p=quarantine" is the published policy?  Seems to me that
rewriting will happen irrespective of what the published policy is for the
>From domain.

Or is it the case that this changes the content of the aggregate reports in
a way you find meaningful?

-MSK

v2.23.0 | Report a Bug | By Email