Re: [dmarc-ietf] Ticket #39 - remove p=quarantine

Дилян Палаузов <dilyan.palauzov@aegee.org> Thu, 03 December 2020 19:11 UTC

Return-Path: <dilyan.palauzov@aegee.org>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B93EA3A07B3 for <dmarc@ietfa.amsl.com>; Thu, 3 Dec 2020 11:11:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iE4bjEZ7d2O0 for <dmarc@ietfa.amsl.com>; Thu, 3 Dec 2020 11:11:20 -0800 (PST)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55EEE3A074B for <dmarc@ietf.org>; Thu, 3 Dec 2020 11:11:19 -0800 (PST)
Authentication-Results: mail.aegee.org/0B3JAtBQ3175681; auth=pass (LOGIN) smtp.auth=didopalauzov@aegee.org
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1607022676; i=dkim+MSA-tls@aegee.org; bh=JIS1rtHHpYfx9EuisOB168LQiUYvJJ5JdcNeJXC0TQE=; h=Subject:From:To:Date:In-Reply-To:References; b=qDSXLgUISDWEUL2+8V3aLC44MG4dAOPltfs0skt9XZ3pzb6KzZS7Y0+BC/Ic0Kiew RBXLenq+UJUd6p8a6zzy3NmhBYi6h3FdZE0Ug19/G1rxwHZEbZ78MDbMKf5O58a8eD eWjEXJpzs54nlCJQkclt3y7hbxX4+PMrmEj+Z3nBL5dU+L5AC487Sy25RsnVXWpJs+ ZMcpRKFIEOWsN8HU69exSo63CBTG+Qp6GXz+vc6SYGKIqLQxNviDTmyHhPiYIcPPfy gSqLwCgeF7mI2QTDRiejN+LA9VLgLI5oARC6f8ncblseYzGwb9lmE8CxXv30oW22kQ NMiXOb+8Crb84W1tze6FWL5D6LY9tlwFwz96pmAOsCqKJ0Rlfk3PFVOxBzFUCVMN6x Mg6id3bmt4hbbqFqj+YoJ2AxPooqvOJUITZWftZ4ExmBHjpQs845+BUurrgy+2SReT rlLNZSkHx3lS9cc8P7g5YuVYremzBjzmnkaVkoftzYlwzC41OTNhqix+FO6T10mA40 X19A/UrYXIwjKc+H28ky0bfJjTk5c+E5wkvUwymsGfpEOefqoeyMRFRSp2m+58YGBz I2NnkpZQv6TCbZ49P5i5VDRKZacZ7LVYypTKo5KGdzIdFVS1XOELx5pq9R756pyqU5 VEC5xlBdUUQ75ReCfJNsIQes=
Authentication-Results: mail.aegee.org/0B3JAtBQ3175681; dkim=none
Received: from [192.168.1.99] (87.118.146.153.topnet.bg [87.118.146.153] (may be forged)) (authenticated bits=0) by mail.aegee.org (8.15.2/8.15.2) with ESMTPSA id 0B3JAtBQ3175681 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Thu, 3 Dec 2020 19:11:15 GMT
Message-ID: <32955c218e5c3193a1a7bc5f28a40507efa30f16.camel@aegee.org>
From: =?UTF-8?Q?=D0=94=D0=B8=D0=BB=D1=8F=D0=BD_?= =?UTF-8?Q?=D0=9F=D0=B0=D0=BB=D0=B0=D1=83=D0=B7=D0=BE=D0=B2?= <dilyan.palauzov@aegee.org>
To: Dave Crocker <dcrocker@gmail.com>, John R Levine <johnl@taugh.com>, dmarc@ietf.org
Date: Thu, 03 Dec 2020 21:10:51 +0200
In-Reply-To: <02de3db94e77ddb37f329c2a886ddf90a2d3c597.camel@aegee.org>
References: <a49a7a79-6c52-ded7-60a3-754cd12fb7c3@taugh.com> <2fc01257-3307-c453-18a0-bc423dccfe6a@gmail.com> <02de3db94e77ddb37f329c2a886ddf90a2d3c597.camel@aegee.org>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.39.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Mc83XEbV9AP53G_F0oCrrruB9fQ>
Subject: Re: [dmarc-ietf] Ticket #39 - remove p=quarantine
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2020 19:11:23 -0000

Post Scriptum: DMARC can say one of two things:
-- all mails for a domain are DKIM-signed and aligned, according to the
domain owner
-- not all mails for a domain are DKIM-signed and aligned (e.g. when
the DMARC policy is absent, or p=none) according to the domain owner

Does the DMARC specification need to propose what to do with emails in
the first case above, when the DKIM-signature is not-valid/aligned? 
Some people will say yes.  I say no: there is no need to give one of
two possible advices on this (and there is no means to enforce the
advice)

Anyway, as I said I do not expect any consensus on this.

Please consider including in the DMARC specificaiton a discussion on
what is reasonable, e.g as outlined in the email below, and elaborate
pros and cons on r=reject and r=quarantine.

As the topic is controversal, it shall be presented as controversal in
the specification.

I do not follow the discussions here, I suppose that by now is
addressed, that „p=quarantine;pct=0“ should be interperted as „do MLM-
mungling”, and p=none to mean „no MLM mungling”.

⇐⇐⇐⇐⇐
From: Vladimir Dubrovin <dubrovin@corp.mail.ru>
To: Dotzero <dotzero@gmail.com>om>, Vladimir Dubrovin
<dubrovin=40corp.mail.ru@dmarc.ietf.org>
CC: IETF DMARC WG <dmarc@ietf.org>rg>, Дилян Палаузов
<dilyan.palauzov@aegee.org>
Subject: Re: [dmarc-ietf] Abolishing DMARC policy quarantine
Date: Fri, 14 Jun 2019 19:25:02 +0300

Nope, I mean 2 different things. 

1. Why quarantine is useful (with pct=0).  

For example this mailing list (dmarc@ietf.org) performs From rewrite
(aka From munging), e.g. dubrovin@corp.mail.ru is replaced with
dubrovin=40corp.mail.ru@dmarc.ietf.org. It's because corp.mail.ru has a
strict DMARC policy (reject). dotzero@gmail.com is not overwritten,
because gmail.com has p=none and ietf.org only overwrites From only for
domains with "quarantine" and "reject" policies. It's quite common
behavior.

If you are implementing DMARC for a new domain (let's say example.org),
you usually start with "p=none". With p=none you receive reports for
failed DMARC for different lists, like ietf.org. Before switching to
stronger policy (p=reject), you may want to know which mailing list
will still fail DMARC, and which lists perform From munging and, as a
result, do not fail DMARC. For this purpose, before switching to
"p=reject" it's useful to switch to "p=quarantine;pct=0". After this,
you will only see mailing lists without From munging in DMARC reports.

2. Why quarantine should not be used with pct different from 0

If you start enforsing strong DMARC policy with "p=reject" and you have
some previously uncatched misconfiguration (e.g. wrong envelope-from
address in some once-in-the-month mailing), you see DMARC failures  in
your logs and you can react to this failures and even re-send the
messages affected. 
If you start with "p=quarantine" you have no feedback except reports,
and reports are received with a huge lag (up to 2 days) and do not
provide sufficient information to catch the exact problem and you can
not re-send the quarantined messages.

⇒⇒⇒⇒⇒⇒⇒⇒⇒⇒⇒⇒⇒⇒





On Wed, 2020-12-02 at 13:15 +0200, Дилян Палаузов wrote:
> Hello,
> 
> On Tue, 2020-12-01 at 15:55 -0800, Dave Crocker wrote:
> > On 12/1/2020 3:17 PM, John R Levine wrote:
> > > #39 proposes that we remove p=quarantine.  I propose we leave it
> > > in, 
> > > even if it
> > > is not very useful, because trying to remove it would be too
> > > confusing. 
> > 
> > process, I suggest this issue gets some meaningful discussion.  My
> > email 
> > archive indicates it hasn't gotten any discussion at all.
> 
> This was discussed under the subject “Abolishing DMARC policy
> quarantine” in June 2019.  There was no consensus.  SMTP offers this
> distinciton and this is mirrored in DMARC.  In particular, senders
> are
> free to publish p=quarantine and receipients are free to interpret it
> as p=reject.  Senders can publish p=reject and receivers are free to
> interpret it as p=quarantine.
> 
> Moreover, some destination addresses do not have the concepts of a
> quarantine.  E.g an address that accepts commands for mailing lists
> managements.  Such addresses can either accept or reject the message
> -
> there is no quarantine, so interpreting published p=quarantine as
> p=reject is feasible.
> 
> Recalling the discussion from June 2019 I do not count on any
> different
> consensus, if it the discussion happens here again now.
> 
> Greetings
>   Дилян