Re: [dmarc-ietf] DMARC ATPS Interop Note

Douglas Otis <doug.mtview@gmail.com> Sat, 09 May 2015 21:44 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/dmarc/M9_pWlAY-R1uxt7Ce7CUddUtLhI>


On 5/9/15 8:07 AM, Murray S. Kucherawy wrote:
> On Sat, May 9, 2015 at 2:00 AM, Stephen J. Turnbull <stephen@xemacs.org>
> wrote:
>
>>  > Agreed again.  And as Terry has said and I think we can infer about
>>  > other large operators, it's incorrect to assume (and plain wrong to
>>  > assert) that this is an easy problem for them to solve in a
>>  > reliable way.
>>
>> Please define "reliable."  I gather you all think that missing some
>> mailing lists is a bigger problem than missing all of them, but for
>> the life of me, I cannot see why.
> I'm having trouble coming up with a heuristic that is even certain to grab
> "most" of them.

Dear Murray,

I'll create another DKIM extension to implement required
replication of header fields for third-party domains.  This
can be implemented by just those originating the messages
AND those implementing DMARC.  Most mailing lists should not
be impacted by the required header field approach, but this
should remove a presumed need for yet another DKIM
signature.  I will have the DKIM extension draft published
shortly. 

Also, you seem to dismiss a sizable corpus of DMARC feedback
that can be verified by recent outbound logs. Of course, only
a DMARC domain imposing restrictive policies will have any
need to implement this scheme, which they should also see as
their obligation if they have any desire to have their
policy requests used.  That said, the update to DKIM should
be able to simplify what is contained in TPA-Label.

Together, these methods only require implementation by the
sender AND those imposing restrictive DMARC policy.

Regards,
Douglas Otis