Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows
Hector Santos <hsantos@isdg.net> Sun, 09 April 2023 18:31 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5EFCC1782D8 for <dmarc@ietfa.amsl.com>; Sun, 9 Apr 2023 11:31:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b="fGUL21iY"; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b="2a+dax2j"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O-jLDZPW1BMQ for <dmarc@ietfa.amsl.com>; Sun, 9 Apr 2023 11:31:39 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87202C1782D0 for <dmarc@ietf.org>; Sun, 9 Apr 2023 11:31:39 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=5131; t=1681065093; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:From:Message-Id:Subject: Date:To:Organization:List-ID; bh=O5YZfBopxfaRzASMuhLDlUfp3FenR+q LORJuq6pvTeA=; b=fGUL21iYT77M8FLq2ZnRvkVRFOw0ysnuY3tbPaQ+2HSzGRd IVc6si9+bBNgfpxyHcgwUcthK8UfIHbiWKyPWT4PirhzzF6rSJCIlTYD+WHgrhlR PyxNscYZKtXqfcjvHkNSRHFMxLAf/NHO7oxAUCv0ggJS31TAiFJE7aw312dQ=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for dmarc@ietf.org; Sun, 09 Apr 2023 14:31:33 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; dmarc=pass policy=reject author.d=isdg.net signer.d=beta.winserver.com (atps signer);
Received: from beta.winserver.com ([3.132.92.116]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 1457896770.1.7136; Sun, 09 Apr 2023 14:31:32 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=5131; t=1681065088; h=Received:Received:From: Message-Id:Subject:Date:To:Organization:List-ID; bh=O5YZfBopxfaR zASMuhLDlUfp3FenR+qLORJuq6pvTeA=; b=2a+dax2jnWDI3swufDwisD2YuWsQ tC5Lae0iR+8a29yemdBBP4c4/mXNYYDlcoXmVL32za7k2mBFVIGKVgFgvqgpZJuU ycYy5+80O27SgQS0Amx3dwuTeYGQ/Gjv+i/qf9qLayz9HZbj4pX8bvcybom46oDt wPhNAE+0Ov438Fs=
Received: by beta.winserver.com (Wildcat! SMTP Router v8.0.454.12) for dmarc@ietf.org; Sun, 09 Apr 2023 14:31:28 -0400
Received: from smtpclient.apple ([99.122.210.89]) by beta.winserver.com (Wildcat! SMTP v8.0.454.12) with ESMTP id 1903930238.1.12060; Sun, 09 Apr 2023 14:31:27 -0400
From: Hector Santos <hsantos@isdg.net>
Message-Id: <3E00DDA6-1A7D-45BF-9320-8D28AC931CDD@isdg.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_437BB08D-2A3A-48EF-9A9E-F8C0556D8ECA"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
Date: Sun, 09 Apr 2023 14:31:16 -0400
In-Reply-To: <CAL0qLwbPzS-XfncBjrtunP8OQ=Z-yRLfnWZKQ0v1acvuWTvnZQ@mail.gmail.com>
Cc: Jesse Thompson <zjt@fastmail.com>, IETF DMARC WG <dmarc@ietf.org>
To: "Murray S. Kucherawy" <superuser@gmail.com>
References: <20230409005207.DCA8BBD1CC17@ary.qy> <4a0dba74-3e25-b9cb-dd64-20bf04ae76ba@tekmarc.com> <7b599a98-922a-44db-af91-2f8aa0f74181@app.fastmail.com> <CAL0qLwbPzS-XfncBjrtunP8OQ=Z-yRLfnWZKQ0v1acvuWTvnZQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/PjrFoDBv224Avr6MYhSmXtvQV7Y>
Subject: Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Apr 2023 18:31:44 -0000
> On Apr 9, 2023, at 2:15 PM, Murray S. Kucherawy <superuser@gmail.com> wrote: > > On Sun, Apr 9, 2023 at 6:33 AM Jesse Thompson <zjt@fastmail.com <mailto:zjt@fastmail.com>> wrote: >> As Todd previously stated, my preference is for language that acknowledges the primacy of the domain owner over interoperability. CISOs have been sold (arguably, by the DMARC deployment companies' marketing) on the idea that there are security benefits. Maybe oversold, but there are benefits and the motivation will not change. Let's not also overlook the primary benefit of _the process of deploying DMARC_ gives to an organization: increased management and governance (enabled by the observability from the reports). In any case, the domain owner is motivated to deploy DMARC and gain the perceived benefits. If we are going to tell these motivated domain owners to MUST do something, at least make it something they might consider doing. > > I don't think the way DMARC has been marketed is germane to discussions about interoperability, which is what "MUST NOT" type language seeks to resolve. So is that the difference with ADSP and DMARCbis? Lacking ADSP language to forcibly say ESP-like domains MUST NOT use `DISCARDABLE` policy? DMARCbis will survive this ADSP dilemma by saying MUST NOT p=reject? 👍 Basically what we are authorizing now is permission for MDA, MLS and MTA, middle-ware, to do whatever they need to do that make sure mail is transportable and deliverable, including removing, masking the security wrapper. Since we will never get this right with this WG and rewrite is the only solution, I now agree to use a MUST NOT. So I think it should be outlined what will expected to happen if a domain uses p=reject when they should not: - risk interop issues, - messages alterations to remove the DMARC security blanket. — HLS
- [dmarc-ietf] Proposed text for p=reject and indir… Barry Leiba
- Re: [dmarc-ietf] Proposed text for p=reject and i… Jim Fenton
- Re: [dmarc-ietf] Proposed text for p=reject and i… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- [dmarc-ietf] DMARCbis and M3AAWG Email Auth BCP (… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Brotman, Alex
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Brotman, Alex
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Pete Resnick
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… John Levine
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Barry Leiba
- Re: [dmarc-ietf] Proposed text for p=reject and i… Brotman, Alex
- Re: [dmarc-ietf] Proposed text for p=reject and i… Todd Herr
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- Re: [dmarc-ietf] Proposed text for p=reject and i… Barry Leiba
- Re: [dmarc-ietf] Proposed text for p=reject and i… Barry Leiba
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… John Levine
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Barry Leiba
- Re: [dmarc-ietf] Proposed text for p=reject and i… Pete Resnick
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] THIS IS ABUSE (no it's not) Scott Kitterman
- Re: [dmarc-ietf] Understanding Ale's Abuse resear… Douglas Foster
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Alessandro Vesely
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Eric D. Williams
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… John Levine
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Alessandro Vesely
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Scott Kitterman
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) John Levine
- Re: [dmarc-ietf] THIS IS A DISTRACTION (it might … John Levine
- Re: [dmarc-ietf] THIS IS A DISTRACTION (it might … Scott Kitterman
- Re: [dmarc-ietf] THIS IS A DISTRACTION (it might … Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Neil Anuskiewicz
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Matthäus Wander
- Re: [dmarc-ietf] Proposed text for p=reject and i… Jesse Thompson
- Re: [dmarc-ietf] Proposed text for p=reject and i… John Levine
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Hector Santos
- Re: [dmarc-ietf] Proposed text for p=reject and i… Barry Leiba
- Re: [dmarc-ietf] Proposed text for p=reject and i… Hector Santos
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Neil Anuskiewicz
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Matthäus Wander
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Alessandro Vesely
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) John R Levine
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Laura Atkins
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Laura Atkins
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) Eric D. Williams
- Re: [dmarc-ietf] THIS IS ABUSE (it might be) John R Levine
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Laura Atkins
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… John Levine
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Douglas Foster
- Re: [dmarc-ietf] Proposed text for p=reject and i… Murray S. Kucherawy
- Re: [dmarc-ietf] Proposed text for p=reject and i… Emanuel Schorsch
- Re: [dmarc-ietf] Proposed text for p=reject and i… Dotzero
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- Re: [dmarc-ietf] Proposed text for p=reject and i… Laura Atkins
- Re: [dmarc-ietf] Proposed text for p=reject and i… Wei Chuang
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Jim Fenton
- Re: [dmarc-ietf] Proposed text for p=reject and i… Jim Fenton
- Re: [dmarc-ietf] Proposed text for p=reject and i… Mark Alley
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Scott Kitterman
- [dmarc-ietf] Search for some consensus, was: Prop… Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … John Levine
- Re: [dmarc-ietf] Search for some consensus, was: … Hector Santos
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Hector Santos
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Alessandro Vesely
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Hector Santos
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … John Levine
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Jim Fenton
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Hector Santos
- Re: [dmarc-ietf] Search for some consensus, was: … Brotman, Alex
- Re: [dmarc-ietf] Search for some consensus, was: … Alessandro Vesely
- Re: [dmarc-ietf] Search for some consensus, was: … Alessandro Vesely
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Jesse Thompson
- Re: [dmarc-ietf] Search for some consensus, was: … Alessandro Vesely
- Re: [dmarc-ietf] Search for some consensus, was: … Alessandro Vesely
- Re: [dmarc-ietf] Proposed text for p=reject and i… Alessandro Vesely
- Re: [dmarc-ietf] Search for some consensus, was: … Scott Kitterman
- Re: [dmarc-ietf] Proposed text for p=reject and i… Hector Santos
- [dmarc-ietf] Summary: Search for some consensus, … Scott Kitterman
- Re: [dmarc-ietf] Summary: Search for some consens… Douglas Foster
- Re: [dmarc-ietf] Summary: Search for some consens… Hector Santos
- Re: [dmarc-ietf] Summary: Search for some consens… Douglas Foster
- [dmarc-ietf] Add MLS/MLM subscription/submissions… Hector Santos
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Douglas Foster
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Emanuel Schorsch
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Douglas Foster
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Alessandro Vesely
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Douglas Foster
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Hector Santos
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Brotman, Alex
- Re: [dmarc-ietf] Add MLS/MLM subscription/submiss… Hector Santos
- [dmarc-ietf] Fwd: Summary: Search for some consen… Scott Kitterman