Re: [dmarc-ietf] Ticket #42 - Expand DMARC reporting URI functionality

Michael Thomas <mike@mtcc.com> Wed, 20 January 2021 19:28 UTC

Return-Path: <mike@fresheez.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F8EE3A1333 for <dmarc@ietfa.amsl.com>; Wed, 20 Jan 2021 11:28:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.013
X-Spam-Level:
X-Spam-Status: No, score=-2.013 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, NICE_REPLY_A=-0.262, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mtcc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uNMaZwI2GZ4G for <dmarc@ietfa.amsl.com>; Wed, 20 Jan 2021 11:28:28 -0800 (PST)
Received: from mail-pj1-x102e.google.com (mail-pj1-x102e.google.com [IPv6:2607:f8b0:4864:20::102e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1A9C23A1332 for <dmarc@ietf.org>; Wed, 20 Jan 2021 11:28:27 -0800 (PST)
Received: by mail-pj1-x102e.google.com with SMTP id g15so2839452pjd.2 for <dmarc@ietf.org>; Wed, 20 Jan 2021 11:28:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mtcc.com; s=fluffulence; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=qz2vSwDSn0LqqE8gSzw66WjZ9+GYEHFyjf/XYgi2Xho=; b=jpmEbbXt+ZDr4rIXUa+4czLREjYY+YW8hqdii/wfwhe1zPi0nqN9eBImuWpdvVqx1d UvogDJxigANpIOKRSaqNLlORvoV8P4pQ5tZVFxbHeLZMRSX7zFhKTUIpTF2wXAYC48YN 0cG3nsgXJc6J1qu7KM1tWjOTtMHjDo49A5eK/Lkoh1Mi7oT9IcXKfDcsNEYdrSg1g/GV ezFwlbi+NeLLIOSSuDscDgbdUHgdKsEtniYOsTVwdHCDBU9bToAaLmpaGY1cXOjbNmgH K4fOjZ2GkSZIJ20hAcl/NqA8vPcSthwpm1gM3vzFCSOHgbliXV8EybxCqSi4xsOUn+eg swIg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=qz2vSwDSn0LqqE8gSzw66WjZ9+GYEHFyjf/XYgi2Xho=; b=XPHeI9KI7U2l1DBdcT2wJjaigMtYcvhHJx5iO0WfImgNqbymwy1gONqMRKl7Onegut VFwU5/zGLMyzWQ0nTy+7ZeiwRPdq1Y3tQKW79BhLzhZM0lBwZSjJRwgCK/vavNVcGtoK EAMd1MLFjvQ9EGr3n/97ChkvqqGG8ysRGPFfE7fpkVal360bX8rlwpyKOmSaW8+G4hDQ RLFxte+GWZ40nPRu8PX/ATMb1dO3tqZGpgvUhGfrbx4SY4sNziVWMojex8ZDZ7EArIRg 4ooWuOhpGQ/9BLU/y5L4TRetZb7SQB14R5v9lvfrvGsylmlNQcIBqP0lZWtxRzO0FKjH TL8w==
X-Gm-Message-State: AOAM532tRaljawtuN1sa9ngmS6GBnWTxph5gX1WudrlGHIFKRXTvxG30 pBTIlK5EqBgGe6RcI2pJukzlyMvy/It9+Q==
X-Google-Smtp-Source: ABdhPJx5Jh6HYQG/tf/wqwJ6D0dbhtkk4dQ9rf4RypRPH/43yqupGfDMuHsyEaRGpgKPPBoLLUx5jA==
X-Received: by 2002:a17:903:18a:b029:de:5aaa:e246 with SMTP id z10-20020a170903018ab02900de5aaae246mr11137387plg.70.1611170907004; Wed, 20 Jan 2021 11:28:27 -0800 (PST)
Received: from mike-mac.lan (107-182-35-22.volcanocom.com. [107.182.35.22]) by smtp.gmail.com with ESMTPSA id b188sm2954786pfg.68.2021.01.20.11.28.25 for <dmarc@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 20 Jan 2021 11:28:26 -0800 (PST)
To: dmarc@ietf.org
References: <20210120023151.3C86A6B7C86C@ary.qy> <ccc2489b-742d-acca-58db-55519764b02f@tana.it> <132aa0a-bd63-9ed1-e3d-75b23f46f15@taugh.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <78ab729e-7ec5-b154-8e29-b02197933f59@mtcc.com>
Date: Wed, 20 Jan 2021 11:28:24 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <132aa0a-bd63-9ed1-e3d-75b23f46f15@taugh.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/I_QuBgWDN_YeCw0q2DR-1Pjp_OM>
Subject: Re: [dmarc-ietf] Ticket #42 - Expand DMARC reporting URI functionality
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jan 2021 19:28:30 -0000

A little off topic, but is there any normative text in DMARC about the 
authenticity of the reporting? It seems like there ought to be normative 
text that the report should have a valid DKIM signature from the domain 
reporting. I'm not sure how you'd go about doing that with HTTPS though 
since client certs are essentially nil, and the normal way to do 
authentication is by creating an account.

Mike

On 1/20/21 11:19 AM, John R Levine wrote:
> On Wed, 20 Jan 2021, Alessandro Vesely wrote:
>> John's record looks more workable, but it's still fluffy:
>>
>> "v=DMARC1; p=none; rf=afrf; 
>> rua=mailto:dmarc-a@abuse.net,https://dmreport.abuse.net/dmreport/; 
>> ruf=mailto:dmarc-f@abuse.net"
>
> Whaddaya mean fluffy?  Try a PUT or POST to that URI and it'll work.
>
>>> I suppose the good news is that nobody implemented the underspecified
>>> report URL in one of the earlier DMARC drafts.
>>
>> It is not underspecified.  It specifies the /mailto:/ scheme. ...
>
> Early drafts had an http PUT with some error that would have prevented 
> it from working.  It was removed before 7489 was published.
>
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc