Re: [dmarc-ietf] Concerns for not Sending a Failure Report?

Steve Atkins <steve@wordtothewise.com> Sun, 04 August 2019 09:35 UTC

Return-Path: <steve@wordtothewise.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E74DD12003E for <dmarc@ietfa.amsl.com>; Sun, 4 Aug 2019 02:35:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wordtothewise.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VKThSOYb77pr for <dmarc@ietfa.amsl.com>; Sun, 4 Aug 2019 02:35:24 -0700 (PDT)
Received: from mail.wordtothewise.com (mail.wordtothewise.com [104.225.223.158]) by ietfa.amsl.com (Postfix) with ESMTP id A720312002E for <dmarc@ietf.org>; Sun, 4 Aug 2019 02:35:24 -0700 (PDT)
Received: from [192.168.0.88] (unknown [37.228.251.105]) by mail.wordtothewise.com (Postfix) with ESMTPSA id ACF909F146 for <dmarc@ietf.org>; Sun, 4 Aug 2019 02:35:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wordtothewise.com; s=aardvark; t=1564911323; bh=PfnduhJXd9TQOXY3IS3et5QfE3xBx2Je49KZr4pqXek=; h=From:Subject:Date:References:To:In-Reply-To:From; b=Np2r9j7RB3EmvoRCb/zSogvfl1AHlfifR2aAsAJBGlLcIS8UCRUJa2VtrXCJaL9JI vHifjRQ8kNt1FuSj7iUVzd+jCp3g7jzY5vpFplqhRPoL5KkY8qwo6ptXYQP0JvqRDY ECBtyMX1ICTL9Q2/piKkTtCcZ9Q8nTj/Qd3V8pzI=
From: Steve Atkins <steve@wordtothewise.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
Date: Sun, 4 Aug 2019 10:35:21 +0100
References: <e84652a9df6b61e599f30e7fae6c0c728faf5ce5.camel@aegee.org> <5DD2CBA9-6F28-483C-9B08-8D3A41526BD7@wordtothewise.com> <d36a922d6bbb8426167e44d434e07b62faf86f21.camel@aegee.org>
To: dmarc <dmarc@ietf.org>
In-Reply-To: <d36a922d6bbb8426167e44d434e07b62faf86f21.camel@aegee.org>
Message-Id: <6FCCAD3E-C2EB-4613-B0C0-148AE3387D21@wordtothewise.com>
X-Mailer: Apple Mail (2.3445.104.11)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/M8EIMhJdDrq2wy-UdRbFMEVNGtY>
Subject: Re: [dmarc-ietf] Concerns for not Sending a Failure Report?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Aug 2019 09:35:26 -0000


> On Aug 4, 2019, at 9:18 AM, Дилян Палаузов <dilyan.palauzov@aegee.org>; wrote:
> 
> Hello Steve,
> 
> in both cases it is about information that was sent over from the same mailhost.  

The mailbox provider has no way of knowing that you sent the mail. If it was authenticated as coming from you this wouldn't be an issue.

One mail was sent to *you*. It's OK for you to have access to it.

The other mail was sent to someone *not you*. There's no a priori reason you should have access to the content of the message.

Cheers,
  Steve


> To whom the information was sent
> decides the operator of the mailhost, not the one who suppresses failure reports.
> 
> In any case, for a failure report containing only the Message-Id it does not matter what information the email carried
> and to whom the information was sent.
> 
> Regards
>  Дилян
> 
> On Sun, 2019-08-04 at 09:07 +0100, Steve Atkins wrote:
>>> On Aug 2, 2019, at 10:41 PM, Дилян Палаузов <dilyan.palauzov@aegee.org>; wrote:
>>> 
>>> Hello,
>>> 
>>> I just thougth once again on this.
>>> 
>>> Some of the senders of aggregate reports offer free mailboxes.
>>> 
>>> Aggregate reports show that emails from a host to a provider of free mailboxes sometimes do not validate DMARC.
>>> 
>>> The one provider sending emails opens a free mailbox on the receiver and then sends a secret copy of each, otherwise
>>> ordinary delivered email, to that special mailbox.
>>> 
>>> Then the mails from that mailbox are downloaded, and the A-R header is checked.  By this way the sender finds out, which
>>> messages exactly have failed DMARC validation.
>>> 
>>> At the end the same information is obtained, that can be obtained by exchanging a failure report: which messages have
>>> failed.
>> 
>> Information found in mail mail headers in accounts that you have created includes email that's been sent to you.
>> 
>> Information found in failure reports includes email that generally was not sent to you.
>> 
>> Cheers,
>>  Steve
>> _______________________________________________
>> dmarc mailing list
>> dmarc@ietf.org
>> https://www.ietf.org/mailman/listinfo/dmarc
>