Re: [dmarc-ietf] 5.5.4. Publish a DMARC Policy for the Author Domain - dmarcbis-06

Scott Kitterman <sklist@kitterman.com> Mon, 04 April 2022 13:30 UTC

On Saturday, April 2, 2022 10:49:03 PM EDT John Levine wrote:
> It appears that Scott Kitterman  <sklist@kitterman.com> said:
> >Somewhat later than I had hoped, I've taken a shot at this.  Please see the
> >attached proposed update from dmarcbis-06 and rfcdiff.
> 
> Closer but of course, not quite right.
> 
> >2.  In the policy discovery section I added a few sentences on which policy
> >to use once the policy record is identified.  This doesn't change anything
> >relative to what's currently defined, but it seems to me that if we are
> >going to have a discussion of policy discovery we should take it all the
> >way to determining the policy and not stop at the determination of the
> >record to use to determine the policy.
> 
> It still gets the wrong answer for psd=n above psd=y.
> 
> I think it needs to say you walk up. At each step if you find psd=n,
> that is the org domain and you stop. If you find psd=y, that is the
> PSD, the org is the name beneath it, and you stop. (If the one beneath
> it has no DMARC record, is it still the org domain? I think it is.)
> 
> If you get to the top and there was no record with psd=y or psd=n, the
> org is the highest DMARC record you found.
> 
> This means if you find psd=n or psd=y you stop, if you find psd=u keep
> going.

I think the attached addresses this.  I also tried to make it clear that if 
there's only one domain (common 5322.From, 5321.MailFrom, and d=), then no 
tree walk is needed.

The diff is relative to the last text I posted.

Scott K
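
Added example, not part of the original message or of the draft text: a Python sketch of the tree walk as worded in the quoted reply above, plus the single-domain shortcut. The zone data, the function names and the choice to treat a record without a psd tag as psd=u are assumptions made for illustration.

```python
# Constructed sample data: domain name -> DMARC record published for it.
SAMPLE_RECORDS = {
    "b.example.com": "v=DMARC1; p=none",
    "example.com": "v=DMARC1; p=reject",
    "gov.example": "v=DMARC1; p=reject; psd=y",
    "unit.giant.example": "v=DMARC1; p=quarantine; psd=n",
    "giant.example": "v=DMARC1; p=none",
    "y.z.example": "v=DMARC1; p=none; psd=y",
    "z.example": "v=DMARC1; p=reject; psd=n",
}

def psd_tag(record):
    """Return the psd value of a DMARC record; 'u' if absent (assumption)."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags.get("psd", "u")

def org_domain(domain, lookup=SAMPLE_RECORDS.get):
    """Walk up from `domain`; stop at the first psd=n or psd=y record."""
    labels = domain.lower().rstrip(".").split(".")
    highest = None   # highest name with a DMARC record seen so far
    below = None     # the name queried one step earlier
    for i in range(len(labels)):
        name = ".".join(labels[i:])
        record = lookup(name)
        if record is not None:
            psd = psd_tag(record)
            if psd == "n":
                return name                    # this name is the org domain
            if psd == "y":
                # This name is the PSD; the org domain is the name beneath it,
                # even without a record there. Returning the PSD itself when
                # the walk starts on it is an assumption.
                return below if below is not None else name
            highest = name                     # psd=u: keep going
        below = name
    return highest                             # no psd=y or psd=n on the path

def same_org(author, authenticated, lookup=SAMPLE_RECORDS.get):
    """Compare two identifiers; identical names need no tree walk at all."""
    if author.lower() == authenticated.lower():
        return True
    return org_domain(author, lookup) == org_domain(authenticated, lookup)
```

The x.y.z.example case is the "psd=n above psd=y" ordering from the quoted text: the walk stops at the psd=y record and never reaches the psd=n record above it.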