Re: [dmarc-ietf] draft-kucherawy-dmarc-base updated (-06)
"Murray S. Kucherawy" <superuser@gmail.com> Thu, 01 January 2015 04:36 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5D6611A1B2C for <dmarc@ietfa.amsl.com>; Wed, 31 Dec 2014 20:36:21 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Level:
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BMqAUoDBt4P6 for <dmarc@ietfa.amsl.com>; Wed, 31 Dec 2014 20:36:19 -0800 (PST)
Received: from mail-wi0-x22e.google.com (mail-wi0-x22e.google.com [IPv6:2a00:1450:400c:c05::22e]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 71DE51A1B36 for <dmarc@ietf.org>; Wed, 31 Dec 2014 20:36:18 -0800 (PST)
Received: by mail-wi0-f174.google.com with SMTP id h11so26298582wiw.13 for <dmarc@ietf.org>; Wed, 31 Dec 2014 20:36:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=vVUBHmvh/FxdOOBy2loGcVloDmOHGWzGMARbdWxPt0o=; b=fd81loG6E8Sl0yxstMFsBwc4gbbyUVhVHkzoUKFl2OJ2G2SX20PT+Fl1IU8muFT1Xw 4U188PKDm4HdQeZzXgVQi0Y10P23X2LnU0JCx4nszj13gJLW4vMG6TwtdoRtAcnFDukG /uq7MgMOKRXzpKtf8PmwkPWjYhA1vmNpAh2+gvNgaAfTwO4stM5qQotpmiBEsF0wLnIC 2/B5X7a+PW3vu9JkKxzlCNa7wZeGHN8mfZL8k7DGBtGW22NOs+oTA9jqAjNNo0OFKSUI NB/yelolj4b6UKcqh0EnwmPJKP7Z5tY1TNUmSGA58uzh+xSZ7lYT/4HTV0bMRsXLgWWe TibA==
MIME-Version: 1.0
X-Received: by 10.194.62.76 with SMTP id w12mr137428842wjr.5.1420086977286; Wed, 31 Dec 2014 20:36:17 -0800 (PST)
Received: by 10.27.204.198 with HTTP; Wed, 31 Dec 2014 20:36:17 -0800 (PST)
In-Reply-To: <54A1D5C1.9030505@sonnection.nl>
References: <CAL0qLwYOtQe0RLfPmO6TjoJv4CUKUoiRV=uzi29ip70_OZ9p3A@mail.gmail.com> <5463ECBD.9030703@sonnection.nl> <CAL0qLwYSTGhBixiOEyxnbQJ5O6h4F+0-8xiAAE7kvUUEnogkiQ@mail.gmail.com> <54A1D5C1.9030505@sonnection.nl>
Date: Wed, 31 Dec 2014 20:36:17 -0800
Message-ID: <CAL0qLwYm+cgsvu-jiW953A21CYMdGLe_howC9K7D4U-1wts0oA@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
To: "<R.E.Sonneveld@sonnection.nl>" <R.E.Sonneveld@sonnection.nl>
Content-Type: multipart/alternative; boundary="047d7ba977a4d4d8ca050b8fc30b"
Archived-At: http://mailarchive.ietf.org/arch/msg/dmarc/NXaXJI5ggVbO7mQRLmrWJqWoWCw
Cc: "dmarc@ietf.org" <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] draft-kucherawy-dmarc-base updated (-06)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Jan 2015 04:36:21 -0000
On Mon, Dec 29, 2014 at 2:29 PM, Rolf E. Sonneveld < R.E.Sonneveld@sonnection.nl> wrote: > > > 3.1.3 Flow diagram >> >> The box titled 'User Mailbox' could give the impression that there's only >> one choice for delivery. However, quarantining can be done without delivery >> to a mailbox. I'd suggest to label this box 'rMDA'. >> > That's already done in -08. > > > OK. Well, it's MDA, but that's OK. One typo in the diagram. When: > > "sMTA" is the sending > MTA, and "rMTA" is the receiving MTA. > > > is correct, the box in the diagram should be labelled 'sMTA', not 'oMTA'. > Fixed. > > > >> The part within parentheses of step 6: >> >> 6. Recipient transport service conducts SPF and DKIM authentication >> checks by passing the necessary data to their respective modules, each of >> which require queries to the Author Domain’s DNS data (when identifiers are >> aligned; see below). >> >> >> might indicate that SPF and DKIM authentication checks need not be >> performed when identifiers are not aligned. However, for sake of reporting, >> SPF and DKIM authentication checks will in general always be done, or am I >> missing something? >> > > I can envision a DMARC implementation that skips SPF or DKIM checks if > the corresponding identifiers are not aligned, because they won't be > interesting to DMARC in that case. > > > Whether or not to generate reports in the case of non-alignment is not > clear from the text, or am I missing something? Par. 3.1.3: > > 8. If a policy is found, it is combined with the Author's domain and > the SPF and DKIM results to produce a DMARC policy result (a > "pass" or "fail"), and can optionally cause one of two kinds of > reports to be generated (not shown). > > > and par. 6.2 goes right into the format of reports, not the conditions > under which a report is to be sent. > Added an item at the end of the bullet list in 3.1.3. > > > > > 5.7 Last sentence: >> >> Mail Receivers SHOULD also implement reporting instructions of DMARC in >> place of any extensions to SPF or DKIM that might enable such reporting. >> >> Not sure what this means. But it seems to me DMARC cannot claim priority >> over other options/extensions in other IETF protocols. >> > This is another spot where the SHOULD gives the operator the choice to do > both if it wishes. I can't remember off the top of my head what the use > case is here, but essentially the absence of a request for DKIM or SPF > reporting (as developed by the MARF working group some time ago) should not > preclude DMARC reporting, nor should their presence interfere with DMARC > reporting. > > > Then, borrowing from your text, may I suggest the following text: > > "Mail Receivers SHOULD implement reporting instructions of DMARC, even in > the absence of a request for DKIM or SPF reporting [MARF]. Furthermore, the > presence of such requests SHOULD NOT interfere with DMARC reporting." > > Done, with slight changes. > > And as a general statement: thanks for all the work, Murray! > Anything to get this thing put to bed! -MSK
- [dmarc-ietf] draft-kucherawy-dmarc-base updated (… Murray S. Kucherawy
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Dave Crocker
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Rolf E. Sonneveld
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Murray S. Kucherawy
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Murray S. Kucherawy
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Rolf E. Sonneveld
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Murray S. Kucherawy
- Re: [dmarc-ietf] draft-kucherawy-dmarc-base updat… Wei Chuang