Re: [dmarc-ietf] PSD Related Privacy Considerations For Aggregate Reporting Draft

Todd Herr <todd.herr@valimail.com> Thu, 02 February 2023 14:12 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/J3f2mBhlWbtx0cDpz-tKEbv7eWA>

On Wed, Feb 1, 2023 at 7:14 PM Douglas Foster <
dougfoster.emailstandards@gmail.com> wrote:

>
> What does matter is that the NP policy should only apply when the
> organization domain is non-existent. Existing domains have the right to
> send using a non-existent subdomain.
>

I disagree with both statements here.

A policy record containing an 'np' tag cannot exist in the DNS at
_dmarc.domain without the name 'domain' existing in the DNS, so I can't
even really parse your first statement. Can you clarify what you mean here,
please?

Beyond that, the np tag is currently defined (correctly, in my opinion)
thusly:

    Indicates the message handling preference of the Domain Owner or PSO for
    mail using non-existent subdomains of the domain queried. It applies only
    to non-existent subdomains of the domain queried and not to either existing
    subdomains or the domain itself.


As for the claim that existing domains have the right to send using a
non-existent subdomain, while such sending practices are outside the scope
of DMARC, those domains should have no expectation that such mail will be
accepted, on the grounds that the RFC5322.From domain being non-existent
means that the message cannot be replied to, and is therefore not worthy of
acceptance.

-- 

*Todd Herr* | Technical Director, Standards and Ecosystem
*e:* todd.herr@valimail.com
*m:* 703.220.4153
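
Added example (not part of the original message or of the draft): a sketch of which tag governs a given RFC5322.From domain under the np definition quoted above. It assumes the RFC 9091 rules that a name is non-existent when A, AAAA and MX all return NXDOMAIN or NODATA, and that an absent np falls back to sp, then p; the DNS table, the record and the function names are constructed for illustration.

```python
# Added illustration: select the DMARC tag that governs a From domain.
# DNS is simulated with a constructed table so the example runs offline.

EXISTENCE_TYPES = {"A", "AAAA", "MX"}

# Constructed sample data: name -> record types that return an answer.
SAMPLE_DNS = {
    "example.com": {"A", "MX", "TXT"},
    "mail.example.com": {"A"},
    "txtonly.example.com": {"TXT"},   # NODATA for A/AAAA/MX
    "_dmarc.example.com": {"TXT"},
}
SAMPLE_RECORD = "v=DMARC1; p=none; sp=quarantine; np=reject"


def parse_dmarc(record):
    """Split a DMARC TXT record into a lowercase tag -> value dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def exists(name, dns):
    """A name exists if any of A, AAAA or MX returns an answer."""
    return bool(dns.get(name.lower(), set()) & EXISTENCE_TYPES)


def applicable_policy(from_domain, queried_domain, record, dns):
    """Return (tag, policy) for from_domain under the record published
    at _dmarc.<queried_domain>."""
    from_domain = from_domain.lower().rstrip(".")
    queried_domain = queried_domain.lower().rstrip(".")
    tags = parse_dmarc(record)
    if from_domain == queried_domain:
        order = ("p",)                # the domain itself: np and sp never apply
    elif not from_domain.endswith("." + queried_domain):
        raise ValueError("from_domain is not under queried_domain")
    elif exists(from_domain, dns):
        order = ("sp", "p")           # existing subdomain: np never applies
    else:
        order = ("np", "sp", "p")     # non-existent subdomain
    for tag in order:
        if tag in tags:
            return (tag, tags[tag])
    raise ValueError("record has no p tag")
```
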
