IETF Logo Mail Archive

Re: [dmarc-ietf] DMARCbis issue: Separating reporting and policy

"Peter M. Goldstein" <peter.m.goldstein@gmail.com> Fri, 24 May 2019 15:04 UTC

Return-Path: <peter.m.goldstein@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C4FC1200D8 for <dmarc@ietfa.amsl.com>; Fri, 24 May 2019 08:04:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KG7M_UC9rCVf for <dmarc@ietfa.amsl.com>; Fri, 24 May 2019 08:04:55 -0700 (PDT)
Received: from mail-lj1-x243.google.com (mail-lj1-x243.google.com [IPv6:2a00:1450:4864:20::243]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5255A1202FF for <dmarc@ietf.org>; Fri, 24 May 2019 08:04:41 -0700 (PDT)
Received: by mail-lj1-x243.google.com with SMTP id r76so3480620lja.12 for <dmarc@ietf.org>; Fri, 24 May 2019 08:04:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8+Sno0Z6YFCMpv3FWTJ5Gx4yumuRuDGl+Hcls4E9BkQ=; b=usBJHDNVluwa2MIZXmjiuuQ7IBcE6XlzK62IIv9vvrsnHUbTWTNxtjQ1OjlOAR2r8z GZTFc+chr0QBem6dkKj/nI265L6fSIlyY5YDcbRSgTuvO7DyBEB6KFt69Gy2+W8jaI1T ta3aMESxXcfCU8OdaGrN7VDL1QCaRyG/FiB9pturQy9vX3+cSUacELfItpNs5xAwFFik e6NsuP30qIma5WaE9P1rb1uN4XCB638gN1hEO4rpnxt0xu6hXkDVOHda78pJRVmeS1iH aVi8z1vCgkYMUfvWbXHBbtSzpaHK8j9MHf0Q4Dc9xnvOnWEh8FJvakYA5dm6c1mXXynK SDTA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8+Sno0Z6YFCMpv3FWTJ5Gx4yumuRuDGl+Hcls4E9BkQ=; b=laY2RoOtrGSnMWvHEpTFw7GrL8qDT2RLJfXokw9OnyYBOlbQz+T9q20rBcnHlGuT+C /oa67ELh+gwrjSuCsXRF0YVPR+Y/jAQokboP9VK+OW4PUImrKwPgmeHWK4LDiGvY6d9/ ZVXcjAp8Go2qfN482VgeMD89WB5tS7mcsyL/54zvOVhjMFv/c12ex2GRT0dPRwTpJIcn 43nIdDshS4+vHvd9OVU8JN1XiFadUqoQCl1nrR7Uc+EzMSjWW6o7W4+SyzQM1CZgtcN6 nI7Y/9Smegj3OnLutjUy/QvTmDai/GHfExi8d3YRENg3g6YLv7nzjOt8GgfHUKFz8h4G 2ezA==
X-Gm-Message-State: APjAAAWtOs7VVYL7RnCNn2e2ust8I+0sLRNwBiLrPVWi32Mk2UblAs6o qZVyNmoEOlzu+sH+WiEoVVqkZTl69etE5DJ1NoQ=
X-Google-Smtp-Source: APXvYqxqxPUDR1Zy1MNtbY2MZ4qAL0eDyIv+KG6mgUbraKuCkUZBtVMe1vsS2ssJesAEVmCZZZMhXUr4naj31teoEnU=
X-Received: by 2002:a2e:129b:: with SMTP id 27mr21865865ljs.104.1558710279531; Fri, 24 May 2019 08:04:39 -0700 (PDT)
MIME-Version: 1.0
References: <5c2fc1da-ae7c-2efe-fda3-47855d61ade6@bluepopcorn.net> <bc94f806-277d-d68d-7928-670112cf0915@gmail.com>
In-Reply-To: <bc94f806-277d-d68d-7928-670112cf0915@gmail.com>
From: "Peter M. Goldstein" <peter.m.goldstein@gmail.com>
Date: Fri, 24 May 2019 08:04:28 -0700
Message-ID: <CAErFxEkSw2b8UrNn2+FogSd=92c9XCePWaL7gk4wG1PDRt5Q_w@mail.gmail.com>
To: Dave Crocker <dcrocker@gmail.com>
Cc: Jim Fenton <fenton@bluepopcorn.net>, "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000084f6380589a38400"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/JN1WwJXIFbm_0b6Ttp2c65SCvdc>
Subject: Re: [dmarc-ietf] DMARCbis issue: Separating reporting and policy
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 May 2019 15:04:58 -0000

Agree with Dave here.

There's no actual usage issues that are being addressed that merit the
split (and the work involved).  If you want to receive reports, but not
have receivers enforce a policy, set 'p=none' and a rua.  If you want to
set a policy but not receive reports, set 'p=<policy>' and an empty rua.  I
don't see why that's considered confusing or problematic.

It's also worth noting that the the precedent isn't an actual operational
precedent yet.  There's only one major receiver who is sending SMTP TLS
reports, and if you follow RFC 8460 to the letter you will not actually
receive them.  Unless you implement the DNS records described in RFC 8461,
you don't get any reports.  As someone who recently dealt with this, and
had a back and forth with the receiver, I can personally attest that this
was very confusing.  The first data point from operational deployment seems
to indicate that splitting RFC 8460/8461 may have been a mistake.  It's
either confusing for the implementing receiver (they are doing something
they shouldn't be doing) or for the domain owner (RFC 8460 isn't enough to
get reports by themselves).

Best,

Peter



On Fri, May 24, 2019 at 6:03 AM Dave Crocker <dcrocker@gmail.com> wrote:

> On 5/23/2019 1:35 PM, Jim Fenton wrote:
> > There are domains that would like to receive reports, but whose usage of
> > mail doesn't make it useful to express a policy. Conversely, there are
> > domains that want to express a policy but aren't interested in reports.
> > I'd like to advocate that DMARC be split up into two different documents
> > dealing with reporting and policy separately. If it's useful to have a
> > separate document that defines what it means to be "DMARC-compliant"
> > that is referenced by both, that would be OK.
>
>
> I'm not clear what technical or operational problem you are trying to
> solve.  That is, you seem to be proposing a document split without any
> technical changes.  Yes?
>
> While separating or joining segments of specification makes a
> difference, you haven't described what actual usage issues there have
> been that warrant the effort to split this document.
>
> d/
>
> --
> Dave Crocker
> Brandenburg InternetWorking
> bbiw.net
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email