IETF Logo Mail Archive

Re: [dmarc-ietf] Signaling MLMs

Douglas Foster <dougfoster.emailstandards@gmail.com> Fri, 14 April 2023 13:59 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9FBD5C1516FF for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 06:59:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.093
X-Spam-Level:
X-Spam-Status: No, score=-2.093 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lF595L1ww2MQ for <dmarc@ietfa.amsl.com>; Fri, 14 Apr 2023 06:59:36 -0700 (PDT)
Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F4099C14CEFF for <dmarc@ietf.org>; Fri, 14 Apr 2023 06:59:35 -0700 (PDT)
Received: by mail-lj1-x22d.google.com with SMTP id z38so2810855ljq.12 for <dmarc@ietf.org>; Fri, 14 Apr 2023 06:59:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1681480773; x=1684072773; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=JY5rBiycJx44ViuA0m5Gm2Cx9uf1krNuZYQPx6yu6o8=; b=KF22BbxnsxHlSW1jZhWbgZzRTzDQzN1pOWVGPDodL6oR+2VDbDdpMbah5S9wR553+K CrSeXXNh/uQ1KRaMY6Y7YP2y//D6P1TTlyrN6prw2h0hPCfS5uBM7WTDmPlUYwsaBJVh vixw6vddM3gtYRVFeUu8wRZo054CbkH0wY2M+vbOivZWCQhJnKfflQVI+KK1CKFH/s/1 huCBPx0A0wfvDP9qd5uCwiRRfjNhkdoN+DMMygwtw5CF8oud3bPaBdtVw7WwwYjsaukU I3G19+gVOJkZ4kGK/Yp6g9kMcV70EP9dwVDJa2J33ZIehKCWokAzdks+H133ydzTPA5Q 4Rmw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681480773; x=1684072773; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=JY5rBiycJx44ViuA0m5Gm2Cx9uf1krNuZYQPx6yu6o8=; b=Q0jWB/NSdU6qGH/7N/Q6RcMLnr5Oyw6tQsIbKm7OMLC88iusUHoYtpUyCySZAqUAGL iAh3tDDH8nsh+1b/1RVDVXQznNt1DsZYOxL5bPR9Plhcr9r7QWfNdveWEsU0oahdhX6E jJvoQ1ldzmxWECZUyanQyf5mWvpxi7CmDtBxTj7fGRw53nZXhbthOQuwAr8JyBcfYoGZ Y6QQgA1uMSsB/k8R1QJBaqn+XVn41+to8AaWbmbn0x339APs1t46aH2ZA/PIhdy8XxMH ISSZxnQVuOYw7Uv0UsDlxBSaPxjKC1rRDB5m2v+Hq1wsd46EJqusLutE3OXu6XZmUvZO gKJg==
X-Gm-Message-State: AAQBX9cf0IS6KJ7VnDIEI82U5VPK5x/bjN1EzEylzWgUW4Hknb2mMuhd m19XJgPkmycjYkIbqCH/MIwoL6L4+Sz2KnJftg7Dvw5w
X-Google-Smtp-Source: AKy350b0ckcuThOHFnfKF+WHcaT9IBL2UypbqmySZQc7DdT6s+kmsOJsBqAr08p8ZPAHpun/tlJQe6o9QqrK8KhOHRc=
X-Received: by 2002:a2e:9811:0:b0:2a7:adf7:1788 with SMTP id a17-20020a2e9811000000b002a7adf71788mr1923368ljj.1.1681480773537; Fri, 14 Apr 2023 06:59:33 -0700 (PDT)
MIME-Version: 1.0
References: <CAL0qLwZc2X7tyP+_8vvL3Yb7uJk6td3XGbsXUB68BNUEMhV4yQ@mail.gmail.com> <8d970e6b-8fa7-da85-5c47-d485abbc43be@crash.com> <CAL0qLwZJjBq0T8kODJifTT10ttJJE2Bof5kJZACRTwyauzwQ6A@mail.gmail.com> <CAJ4XoYcHeFe0kS9QHz4fP5TbOMOiW8mJaiNYx+Yk8keZYW-yDQ@mail.gmail.com> <b6a2b444-de02-9833-fe7b-fc9ad542f900@tana.it> <CAL0qLwYwcXTBzqd=3sKwtZJUsEYO5kfv9V-CZtVHz2TQ78v=0g@mail.gmail.com> <909C826B-2745-4BE8-AD16-920E6DE86D1C@kitterman.com>
In-Reply-To: <909C826B-2745-4BE8-AD16-920E6DE86D1C@kitterman.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Fri, 14 Apr 2023 09:59:23 -0400
Message-ID: <CAH48ZfwdCdOijnCUT5WxJ+QJxSkJzrdpf+cqRNGNYqHbC37zpQ@mail.gmail.com>
To: Scott Kitterman <sklist@kitterman.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000034135705f94c40d2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/P9ZVCB3YPVv1jsfU_gwOCz5_-k4>
Subject: Re: [dmarc-ietf] Signaling MLMs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Apr 2023 13:59:36 -0000

The situation will converge to two separate but unequal environments, those
that prioritize security, and those that require insecurity.

As people get burned, the pro-security segment will grow and the insecure
segment will find more and more restrictions on their ability to connect to
their high-risk environments

I see no reason to expect any other outcome.    Whatever words we publish
will be ignored or followed based on the camp that domains have chosen.

Doug Foster

On Fri, Apr 14, 2023, 9:48 AM Scott Kitterman <sklist@kitterman.com> wrote:

>
>
> On April 14, 2023 1:29:58 PM UTC, "Murray S. Kucherawy" <
> superuser@gmail.com> wrote:
> >On Fri, Apr 14, 2023 at 4:31 AM Alessandro Vesely <vesely@tana.it> wrote:
> >
> >> Heck, MLMs should start rejecting messages sent from domains that
> publish
> >> a
> >> blocking policy *when they fail authentication on entry*!!
> >>
> >
> >That's not enough to avoid the damage we're talking about.
> >
> >
> >> From: rewriting is the de-facto standard.  In DMARCbis we can only
> >> substitute
> >> "de-facto" with "proposed".  Better methods, implying different,
> possibly
> >> experimental, protocols are to be defined in separate documents.
> >>
> >
> >Are you suggesting we put that forward as our Proposed Standard way of
> >dealing with this problem?  It's been my impression that this is not a
> >solution that's been well received.
> >
> >
> >> Let me recall that when I proposed something like that, I was told that
> >> that
> >> was phase II and the WG was then already in phase III.  So, let's
> complete
> >> DMARCbis /without cannibalizing the spec/ by saying that it MUST NOT be
> >> used
> >> (as it is being used already).
> >>
> >
> >What you describe as "cannibalizing" is actually a matter of presenting
> the
> >correct normative advice about interoperability.  So I don't agree at all
> >with that characterization.
>
> Agreed.  If people can't get over saying some domains will have
> interoperability problems when that's demonstrably a technically accurate
> statement (and I don't see anyone claiming it isn't), I don't see how
> progress is possible.
>
> Scott K
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email