IETF Logo Mail Archive

Re: [dmarc-ietf] SPF doesn't accommodate third level .name domains?

David Bustos <david@bustos.name> Tue, 31 May 2022 15:49 UTC

Return-Path: <david@bustos.name>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 12EBCC14CF1D for <dmarc@ietfa.amsl.com>; Tue, 31 May 2022 08:49:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.908
X-Spam-Level:
X-Spam-Status: No, score=-1.908 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2eN0Hs4TojjL for <dmarc@ietfa.amsl.com>; Tue, 31 May 2022 08:49:03 -0700 (PDT)
Received: from forward3-smtp.messagingengine.com (forward3-smtp.messagingengine.com [66.111.4.237]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 85F2BC14F6EB for <dmarc@ietfa.amsl.com>; Tue, 31 May 2022 08:49:02 -0700 (PDT)
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailforward.nyi.internal (Postfix) with ESMTP id 77FFD1940EF5; Tue, 31 May 2022 11:49:01 -0400 (EDT)
Received: from imap43 ([10.202.2.93]) by compute5.internal (MEProxy); Tue, 31 May 2022 11:49:01 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:feedback-id :feedback-id:from:from:in-reply-to:message-id:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm1; t=1654012141; x= 1654098541; bh=iQMFp3EpOGIy0uX28EkUatC9z8FjoqH/3rVqTXcXIkE=; b=I NOFBMsnsLQDk8Vgp43ghudUWwgxGW04T/aBhBNx0rvvdz2cHdwE7xtY5nIn2pyO0 +LUpF4AyeljKFsGvDuufrScSKryb4esFsorbTnmmj/v1U5hG9+mKcTHQAjTfU5/4 tjaFytVDAvGxHcJ8EEHuedKd79mIqbPPD4lqVZl/r1measEMmOu7kYBfYxulgrSy wIK+WkrlBVwwbpEPKvopz254+HNPzNf2L56C1/s7tPie9/5uZwi/SS5XfL/AHOaU AxO5tw+aycDVQ2DJQtFrLfAp+oqOEtxxWYczMRua2BrW+PLEOZmFpmOW5tcJ8FNg KwQEq705agS9qlA4IlRTg==
X-ME-Sender: <xms:7TiWYszibr2UDT9MZ-8tMfHaRUKF2gjYcXzsfGPrHKYzR-AGxUnRHg> <xme:7TiWYgT1_4tqdQdlAGI-q31qBLTWWBIjxQ2YJNXiCPmJBnnLWhA0DCbVVljXQtHNP onNrDRHFUUUoz7f>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrkeekgdelfecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkfffhvfevufgtsehttdertd erredtnecuhfhrohhmpedfffgrvhhiugcuuehushhtohhsfdcuoegurghvihgusegsuhhs thhoshdrnhgrmhgvqeenucggtffrrghtthgvrhhnpeejuddukeekjefgtdekuedtkeekte fgveekjeefjeeuleegiedujeehvdevudeuhfenucffohhmrghinhepsghushhtohhsrdhn rghmvgdpihgvthhfrdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpe hmrghilhhfrhhomhepuggrvhhiugessghushhtohhsrdhnrghmvg
X-ME-Proxy: <xmx:7TiWYuVCLeFTAsGY0NwoG3IKm74nTo4xVX9k07gDj25dZ6BLN89o5Q> <xmx:7TiWYqilXhAKlnv2IS6WCi-prMfP1SILGYMcrWCTHS5wN4cjCVJAew> <xmx:7TiWYuA8RaRJXY6k4XVi7BLs5BldDOVhzR4pzzF-GVmXZvHHA-R7ng> <xmx:7TiWYhNb9FF2t4j0uQlsOigcOGmuACCl3CZ-t5BxnFkJ90Ffe96eNA>
Feedback-ID: i4524418c:Fastmail
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 1AA802D4006D; Tue, 31 May 2022 11:49:01 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.7.0-alpha0-591-gfe6c3a2700-fm-20220427.001-gfe6c3a27
Mime-Version: 1.0
Message-Id: <a6e27804-cbc9-413d-8631-80a4b0d19895@www.fastmail.com>
Date: Tue, 31 May 2022 10:47:37 -0500
From: David Bustos <david@bustos.name>
To: Scott Kitterman <sklist@kitterman.com>
Cc: dmarc@ietfa.amsl.com
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/PiRf8rkxVnI63FqERV4jTj2AFbM>
Subject: Re: [dmarc-ietf] SPF doesn't accommodate third level .name domains?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 May 2022 15:49:08 -0000

Scott wrote:
> On May 30, 2022 9:50:05 PM UTC, David Bustos <david@bustos.name> wrote:
> >Since I own david.bustos.name, someone forwards david@bustos.name for me; I presume Verisign does.
> >
> >Lately I think email receivers have been quarantining my messages and I suspect the reason is SPF.  Specifically, no SPF record is published for bustos.name .  I asked Verisign to publish one and they declined.
> >
> >I'm thinking that SPF should be modified so that if a receiver finds no record and the domain ends with .name and the domain has two levels, it should look for the record on the third level domain.  Does that make sense?
>
> No.  My provider won't X, so we should special case the protocol doesn't scale.  It may be that .name is special to you, but there are a virtually infinite number of domains that are special to someone else.

So is your position that Verisign should publish an SPF record for bustos.name?  Don't you think they would say that doesn't scale because they would need to include an "include" for each third level domain in bustos.name?  Isn't changing one protocol more scalable than including N "includes" in the SPF record for each last.name domain?

.name was designed to be special by whoever regulated TLDs back in 2002, and that specialness was the main reason I bought the domain.  If the IETF position is that such addresses are second class citizens, then shouldn't that be expressed to Verisign so it can notify owners and registrars?

> Also, not really a DMARC question.

Is there an SPF working group?  The DMARC working group charter at https://datatracker.ietf.org/wg/dmarc/about/ includes

> 4. Related work
>
> Extensions to SPF/DKIM/DMARC that do not already fit under
> the charter of any existing working group can be considered for adoption
> by DMARC Working Group after consultation with the responsible AD.
> A prime example is draft-levine-appsarea-eaiauth, which provides EAI-related
> updates to DMARC and the protocols upon which it depends.
> Any such work needs to carefully consider interoperability implications.

I don't know much about DMARC, but it seems like it does not accommodate .name in the same way as SPF.  Is that true?  You guys are the experts, right?

Also, can you copy me on your replies?  Or should I subscribe to the list?


Thanks,
David

v2.23.0 | Report a Bug | By Email