Re: [dmarc-ietf] Fwd: New Version Notification for draft-fosterd-dmarc-spf-best-practices-00.txt
Alessandro Vesely <vesely@tana.it> Mon, 15 May 2023 08:25 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/PguFGQKV1qBUndSlzzuxG7Pi08k>
On Sun 14/May/2023 13:32:18 +0200 Douglas Foster wrote:
> From the document:
>
> "Without exception management, Sender Authentication dies as soon as an
> exception is necessary. A poorly designed exception process may enable the
> very impersonations that Sender Authentication is intended to prevent."
>
> It could also be subtitled, "How to use Sender Authentication without damaging
> mailing lists."

The I-D seems to be conceived like a postmaster manual. In that respect, it might be useful, and an occasion to clarify the impact of email authentication over "traditional" filtering techniques. However, it is not clarified what kind of mechanisms provide the evaluator feedback which allows continuous improvement.

The parallel between DMARC and SPF needs to rule out layer violations, since SPF is one of the DMARC mechanisms.

Use of SPF is not fully explained. In particular, Section 2.5, Non-privileged Messages with Sender Authentication FAIL and Content Filtering PASS, doesn't take into account that SPF fail, -all, can imply rejection at MAIL or RCPT commands, whereby the message content won't be available. (The topic is well described in Appendix D of RFC 7208.)

DNS white lists could be mentioned as an example of alternate authentication.

Best
Ale
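The point about SPF `-all` and envelope-time rejection, as an added example that is not part of the message above or of the I-D: a receiver that rejects on SPF fail in reply to MAIL/RCPT never reaches DATA, so it has no content-filter verdict for that message. The SPF records, the domains, the toy content filter and the function names are all constructed for illustration, and only the `ip4`, `ip6` and `all` mechanisms are evaluated.

```python
import ipaddress

# Constructed SPF records keyed by MAIL FROM domain (stand-in for DNS TXT lookups).
SPF_RECORDS = {
    "sender.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "soft.example": "v=spf1 ip4:198.51.100.7 ~all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(client_ip, domain):
    """Evaluate only ip4/ip6/all mechanisms; full SPF (RFC 7208) has more."""
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:          # skip the "v=spf1" version tag
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            return QUALIFIERS[qualifier]
        kind, _, value = mech.partition(":")
        if kind in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
    return "neutral"                          # no mechanism matched


def receive(client_ip, mail_from, body, reject_at_envelope):
    """Walk one SMTP transaction and report at which stage it was decided."""
    spf = check_spf(client_ip, mail_from.rsplit("@", 1)[1])
    if spf == "fail" and reject_at_envelope:
        # Rejected in reply to MAIL/RCPT: DATA never happens, so the body
        # is never transferred and no content verdict can exist.
        return {"stage": "MAIL/RCPT", "spf": spf, "content": None}
    # Decision deferred until after DATA: the content filter can now run.
    content = "fail" if "wire transfer" in body.lower() else "pass"  # toy filter
    return {"stage": "DATA", "spf": spf, "content": content}


if __name__ == "__main__":
    for early in (True, False):
        print(early, receive("203.0.113.9", "alice@sender.example",
                             "Monthly newsletter", early))
```

With envelope-time rejection the same message yields `content: None`; only the deferred policy produces the "authentication FAIL, content PASS" combination.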