IETF Logo Mail Archive

Re: [dmarc-ietf] draft-crocker-dmarc-author-00 ?

Jesse Thompson <jesse.thompson@wisc.edu> Tue, 18 August 2020 19:34 UTC

Return-Path: <jesse.thompson@wisc.edu>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F17CA3A09DF for <dmarc@ietfa.amsl.com>; Tue, 18 Aug 2020 12:34:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.048
X-Spam-Level:
X-Spam-Status: No, score=-3.048 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.949, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wisc.edu
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1o52IWPd8zQP for <dmarc@ietfa.amsl.com>; Tue, 18 Aug 2020 12:34:30 -0700 (PDT)
Received: from wmauth3.doit.wisc.edu (wmauth3.doit.wisc.edu [144.92.197.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 228783A0994 for <dmarc@ietf.org>; Tue, 18 Aug 2020 12:34:30 -0700 (PDT)
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11lp2168.outbound.protection.outlook.com [104.47.58.168]) by smtpauth3.wiscmail.wisc.edu (Oracle Communications Messaging Server 8.0.2.4.20190812 64bit (built Aug 12 2019)) with ESMTPS id <0QF900220YDG7NG0@smtpauth3.wiscmail.wisc.edu> for dmarc@ietf.org; Tue, 18 Aug 2020 14:34:29 -0500 (CDT)
X-Wisc-Env-From-B64: amVzc2UudGhvbXBzb25Ad2lzYy5lZHU=
X-Spam-PmxInfo: Server=avs-3, Version=6.4.7.2805085, Antispam-Engine: 2.7.2.2107409, Antispam-Data: 2020.8.18.192419, AntiVirus-Engine: 5.75.0, AntiVirus-Data: 2020.7.23.5750001, SenderIP=[104.47.58.168]
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=K4aeE/zYSbTmuA4TGbIOn8euZeCzBdJ8b0UAy+Qewf1SGxMuyMw7ipRoppugHGM9mXUKcVrIyI/VXh7hHy488lvKiVHpzHbeyN644j3//CEFQukwihxNcDEYEQ378EvBsTdB++mQtQPvWi3eL6p/khUIE8qJpuIeM01RF9ljUZyAXX2aVWlklImyzVZsaDV+CyLgXTlv7FsclpZVk5UQs/dkTmpdXEs6noDb41GSyKhcZnHYTo3C8oavPTqpAOTk630f9t1RM5ItWhZ4NxjxXKKLdD7wOgczZIikwsOvOu8TWw+Egwc77wa2u2ASa+HYCOft6CsZ/xbXZl+m+joBQQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2z+tQDj80iZmQKSAA84ZaGMnGI4uRaSYP4J7hiDbKRY=; b=DCRSlEHckED4iPMRWq3NPaa02KxgEtVR1XClzw3BrInElifC4Qk1NiS1EbCjp/bFw5Sdc75fbeqNw0GCU5tbAMQr9TSDi47bs4n0GYOK0jq4fqJ2azM+OHsHcQTNNAlXto99RCm870ITv7hcH4LHmsDgAzg1VY36PVOQAvJ/7dbKrOraxWG+hFpJoOd4fXiimvgkan5X8r897zftc+mxifR3vImj7eZmf7Om5F7W+SsU2bkCm8XRAioyPjf+VkZUlDpNJCH3s3htxhyCG/4TJxmvd9AnIWcd6l+hzvJGr1IoR/cYT03cc2UBz428a76dXBVfjsHVi5SdkA8m03yVew==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=wisc.edu; dmarc=pass action=none header.from=wisc.edu; dkim=pass header.d=wisc.edu; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wisc.edu; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=2z+tQDj80iZmQKSAA84ZaGMnGI4uRaSYP4J7hiDbKRY=; b=KwgNYJ3pikzbqb9YjCSoVVJraxEvIuSSij5WaxWTo2KIPphRRjpS4k+gKhauDc1DSvJu/bj7nZbk441dEnjmeaAycuHtJI+cvBL337E/NzfZL/lR8fZWQfOINHDS2lVXOrr0on5m2kuzGgQaIgJerUPakv5OnVpIkpDKr3EExfY=
Received: from CY4PR0601MB3668.namprd06.prod.outlook.com (2603:10b6:910:91::31) by CY4PR0601MB3748.namprd06.prod.outlook.com (2603:10b6:910:95::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3283.22; Tue, 18 Aug 2020 19:34:27 +0000
Received: from CY4PR0601MB3668.namprd06.prod.outlook.com ([fe80::d873:6271:eb77:2ef7]) by CY4PR0601MB3668.namprd06.prod.outlook.com ([fe80::d873:6271:eb77:2ef7%6]) with mapi id 15.20.3283.028; Tue, 18 Aug 2020 19:34:27 +0000
To: dmarc@ietf.org
References: <20200811034740.BA1831E7FDBF@ary.local> <0c8afc68-bc51-702a-c794-610b2d355836@dcrocker.net> <83a8e95f-d85d-634e-0c93-eb2ddab2c69d@wordtothewise.com> <99810a58-3809-bfd2-3571-bac54430f9e8@tana.it> <CAOPP4WHWoVkA+ZWZ+2AFnH8_nKBxO+t3Z4trz347JV0fsEy83Q@mail.gmail.com> <003501d671b9$467c0670$d3741350$@bayviewphysicians.com> <CABuGu1rhusgtqJd4k7XQBMaEnRkdxF8O_FTuYccEcwoKYjL4tQ@mail.gmail.com> <CAJ4XoYd=ZZnZzsGsAaS9jfuHkHXBDQjNeTzR=-CGXwuGZeFczA@mail.gmail.com>
From: Jesse Thompson <jesse.thompson@wisc.edu>
Message-id: <ae90aa5c-0094-d488-f5e4-711651c2c384@wisc.edu>
Date: Tue, 18 Aug 2020 14:34:14 -0500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:81.0) Gecko/20100101 Thunderbird/81.0a1
In-reply-to: <CAJ4XoYd=ZZnZzsGsAaS9jfuHkHXBDQjNeTzR=-CGXwuGZeFczA@mail.gmail.com>
Content-type: text/plain; charset="utf-8"
Content-language: en-US
Content-transfer-encoding: 7bit
X-ClientProxiedBy: CH2PR16CA0016.namprd16.prod.outlook.com (2603:10b6:610:50::26) To CY4PR0601MB3668.namprd06.prod.outlook.com (2603:10b6:910:91::31)
MIME-version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [10.0.2.111] (47.12.96.133) by CH2PR16CA0016.namprd16.prod.outlook.com (2603:10b6:610:50::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3283.18 via Frontend Transport; Tue, 18 Aug 2020 19:34:27 +0000
X-Originating-IP: [47.12.96.133]
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 1294f11c-a8f0-492d-7d9d-08d843adb862
X-MS-TrafficTypeDiagnostic: CY4PR0601MB3748:
X-Microsoft-Antispam-PRVS: <CY4PR0601MB3748F066CF3977D8BCC5033DF65C0@CY4PR0601MB3748.namprd06.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: Q2uUtAzmFJoNvSiLzjH+J9yFK0wxYcTzUKtLTnMWKg8raMxLUoSaA52RX7QogVbZ9r4RxsL1A/7NomSg7sszC/S9JfDjRbuq7l56AV/nDIxA0Y7J3SqusyBldkAwVbpcGMAbf2NqfXI19EwyuPVftrL5e/7ZAqMhGCilT7Sjv6A0OEjOMsXtDnE419XfAiM3N/Qt6gCBj1RlZPQiXnDHws3/FpBj+jtpmOGcvO5ue+V5v0sOuGo/vyJdO8RCvb/2szaOmdSp/C+WE0oSKo6MyBhryw9TnDCISgfFjUZiVwrVt696XFxwV8QgcAKKOc2GPCHWTDI278TMiae6p9EUGxMf1fNfNkKlyOwt4UfGmzUbsMvfHvTf2/RDweHJHVXM
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CY4PR0601MB3668.namprd06.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(376002)(39860400002)(136003)(396003)(346002)(2906002)(6666004)(5660300002)(86362001)(6486002)(31686004)(956004)(2616005)(16526019)(186003)(83380400001)(16576012)(316002)(786003)(26005)(31696002)(44832011)(478600001)(53546011)(6916009)(36756003)(8936002)(66946007)(66476007)(66556008)(75432002)(8676002)(43740500002); DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData: 6KISHyNM2jtOrjSrR5pYSLbeLMScAI1ixkKYb3mlQyXJjDxZzA3OL/ohxI2MfXX65X63aoHLjOEMWdlUdLJ+V2q7tQ4femxWjxs49FCOusjSpAqVrZpqSJoshQJlV82s5XvfQlSwXDWvaNnNrXxPFu89Vq8rOAmBTzid243s53JHIlPbnRYHJqUad/rGvbxQQ8xij0nKT9afleooTilNJvEwM0d0wJWEmP+0zKHQegj1+n41NI+exJk0V6nqRGeEOlbD3xQrnQCGeFJTSk8DKsPOqG7fM63SqJUMIIosMeK/AF/hM+KiCd9giDnP5fJREZLZMUSwNXuzv8ukiD2OmKHGrxBMKyxnW60bjDVsBbaHxCLwLUToFbhOjyFblFNf9iTwGydNeGpDy1/mSdyBa6Fo8ZIlfXt5eRmv89ncJ7rJ0JMrt0qiDhhqgSj+oD9Y69/f7vgiB2sWainwL90SXWt0nZEYQF6enWFxIJtxUvt2laSr2F8+RpC2lSFGx3+Alq5t0sSDCEy94ditpqdg+7RFIzVi43GY+KAugS9geIMxHhTohhPY1yXNjYjuLLnLDcf4vZw0FEd5A9WY35oNam1wMqdjU8zgV7wkGDOtSR2/Ov9ztFQMqSWjExVhlHdLt9Lr+X6vrAUKe2QdilY4Nw==
X-OriginatorOrg: wisc.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: 1294f11c-a8f0-492d-7d9d-08d843adb862
X-MS-Exchange-CrossTenant-AuthSource: CY4PR0601MB3668.namprd06.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 18 Aug 2020 19:34:27.6529 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 2ca68321-0eda-4908-88b2-424a8cb4b0f9
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 9HM6xpSIAmuLnDYoXKr2qxFJ5GyVcDVYP5ytqfjJGKonlyYH3X8oi3OhS3ZFDjiR3q6Ze5PBwT0lU1IcbeY2jg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0601MB3748
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/M_25awypsGiv4lDYSkaoB9YMtbU>
Subject: Re: [dmarc-ietf] draft-crocker-dmarc-author-00 ?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Aug 2020 19:34:33 -0000

On 8/13/20 4:53 PM, dotzero@gmail.com wrote:
> Wrong answer. If the vendor is uncooperative then fire the vendor. 4-5 years ago it was difficult to find vendors who were willing to deal with DKIM and able to do a good job in implementing. The common mantra was "how does this fit into my business model". These days I would consider it table stakes.

DKIM, DMARC policy conformance, or any practical email functionality are rarely considered in procurement decisions.  Only recently did I manage to get some of these requirements into our organization's RFP templates.  It really hasn't made any impact on procurement decisions, which are made by people who don't understand the nuances of email to the extend that they can tell if the vendor actually meets the requirements.  Even if I were included on the evaluation team for every procurement (a job I do not want) it would be rare that lack of DKIM support would be enough to weigh negatively on a decision.

People like me only get called in after the system is deployed in production and they run into problems getting email delivered.  For one recently-procured (inventory management software) vendor, I had to coach a poor sysadmin through how to set up Postfix to relay-rewrite their own application's email so that it wasn't able to outright spoof (for lack of a better term) the address of any end-user-free-hand-inputted address.  Their own app dev team didn't feel like it was important enough to learn about DKIM/SPF/DMARC and kept confusing the changes they needed to make for email authentication with TLS 1.0 deprecation.  "It's in our next release" they kept saying.  

Companies like that will just check the "we support DMARC" on the procurement form because they don't know enough to understand that they don't.

Jesse

v2.23.0 | Report a Bug | By Email