[dmarc-ietf] Endless Email Loops with Aggregate Reports
Dilyan Palauzov <Dilyan.Palauzov@aegee.org> Fri, 31 May 2019 17:55 UTC
Return-Path: <Dilyan.Palauzov@aegee.org>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2788B120058 for <dmarc@ietfa.amsl.com>; Fri, 31 May 2019 10:55:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7rUreuDybAJB for <dmarc@ietfa.amsl.com>; Fri, 31 May 2019 10:55:36 -0700 (PDT)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 466B912001A for <dmarc@ietf.org>; Fri, 31 May 2019 10:55:36 -0700 (PDT)
Received: from mail.aegee.org (localhost [127.0.0.1]) by mail.aegee.org (8.15.2/8.15.2) with ESMTP id x4VHtWaf010198 for <dmarc@ietf.org>; Fri, 31 May 2019 17:55:32 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1559325333; i=dkim+sm-localhost@aegee.org; r=y; bh=7lb79T/kdh54MDKgefeKpi/hBqA4Fz7kQY9yFrdQ9Kc=; h=Date:From:To:Subject; b=g5YAXTvAegqvJyqPZDOElN+q6iaoSanQEsrroFv/6R22Fu/V/TNK6GOfpY4kxLEwu BU8Ys8+/RSTTVpRgCnD0rYeM/N77PZZ8XPdtCGMvFSDilTq0rlZE7CosbuuTGBdfgF poSyZhyyByLg/sPo4JTs9A13B1NH+xuSDUTSTbD1l57QyaKifD7yzVeNz1cZcIny+Y gdxhWvQvonzMuZ9wYqBfy+B2n18VWyrsV7sQiE5EAGX+DGcE6qIod/0ysXSBb0OM3j pxKiyFLkgK8osHS245nCUWw5iKzzA5fVMx/L159j1QR9SmfueXTYjYbqwdBC9lLGW6 Ktw2H7ZDUvojKAnPOhzfx47iH5Jao3tLN1cPd0hL5OaGx5xVadI8OV6J1t6Q410EVc fQfvr24i83YEM4iffnU4LmcCkwIDNAFyf2++uZNKHbgtjB6p+7Hm/E39bLBaXXIGQb YRapdeMDgEpIEp7NCKUIlfccNw0Gcd7vg6WYQWh5+4wX6xfKAlGztVioJUqdiZaufM 31uZRCyH2U0pXN39nXrUbZDOMq1UUmPAmOBiawhtsPEeSbg1F/2h6fa1Y1dueh9LLQ e3X+5dhxchXE5lKRxRYCRHMHiVLuHwFRhgMqShXNqmVIy2xe3vHg5Qpe1Lod8x9YjZ cCyYgyEK1MNs1UO1eNOamWA4=
Authentication-Results: mail.aegee.org/x4VHtWaf010198; dkim=none
Received: from 87-118-146-153.ip.btc-net.bg (87-118-146-153.ip.btc-net.bg [87.118.146.153]) by webmail.aegee.org (Horde Framework) with HTTPS; Fri, 31 May 2019 17:55:32 +0000
Date: Fri, 31 May 2019 17:55:32 +0000
Message-ID: <20190531175532.Horde.UpMFNBGKjRWB_hCZWHwSUfK@webmail.aegee.org>
From: Dilyan Palauzov <Dilyan.Palauzov@aegee.org>
To: IETF DMARC WG <dmarc@ietf.org>
User-Agent: Horde Application Framework 5
Content-Type: text/plain; charset="utf-8"; format="flowed"; DelSp="Yes"
MIME-Version: 1.0
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.101.2 at mail.aegee.org
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/K3eUbNhHpOeMCT2lKntlm0fM73I>
Subject: [dmarc-ietf] Endless Email Loops with Aggregate Reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 May 2019 17:55:38 -0000
Hello, DMARC aggregate reports can and do cause endless loops, too: A site publishes an email address for receiving aggregate DMARC reports. The rua-address bounces the messages (aggregate report) received there and the bounces does not validate the DMARC policy. So on the next reporting period a new aggregate report is sent, stating that the reply on the previous report failed DMARC validation. Unlike endless email loops caused by message-specific failure reports, the endless email loops caused by aggregate reports are by design rate-limited: one email per reported domain and reporting period. A wait to reduce the possibility into getting in such loops is toT send the reports FROM:<>. That said I propose recommending in DMARC, that both the message-specific reports and the aggregate reports are sent FROM:<> or NOTIFY=NEVER. Shall I submit an erratum to RFC7489? Regards Дилян
- [dmarc-ietf] Endless Email Loops with Aggregate R… Dilyan Palauzov
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Murray S. Kucherawy
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Dave Crocker
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Alexey Melnikov
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Murray S. Kucherawy
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Dave Crocker
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Hector Santos
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Tim Draegen
- Re: [dmarc-ietf] Endless Email Loops with Aggrega… Alessandro Vesely