Re: [dmarc-ietf] Forensic report loops are not a problem

John Levine <johnl@taugh.com> Sat, 16 January 2021 03:40 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 510F53A149C for <dmarc@ietfa.amsl.com>; Fri, 15 Jan 2021 19:40:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.851
X-Spam-Level:
X-Spam-Status: No, score=-1.851 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=YV//M+0m; dkim=pass (2048-bit key) header.d=taugh.com header.b=sp3bHg0y
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SGDLChINtLip for <dmarc@ietfa.amsl.com>; Fri, 15 Jan 2021 19:40:29 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A457C3A14A1 for <dmarc@ietf.org>; Fri, 15 Jan 2021 19:40:28 -0800 (PST)
Received: (qmail 45086 invoked from network); 16 Jan 2021 03:40:27 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=b003.6002602b.k2101; bh=xe2DDE1nXZylYqCjWM+HY7tIas1Zrw5k3A26daDU67k=; b=YV//M+0m5F//gkjuJWAI+qbiVTAsc0LXUyU+Ehkds6LkoIPKystwnK7vhEPzh3VrAqxG/qcjK4ZTL2Q6F9U3x69doS2EoOuDctHqiEJLjWC+MbuHsXBeWjAgb7nGG+6i9Q5nqZlNGr11yM1NjrU+F1PtM0Nzd80nehjwsKFPqmcElheuqnmiwTdzYSdUBgftaQxcso4pjsUbdAbjTKixRXZnSCnnwMbuCnMiH855Rdo4A7yol3NVxTth7k+QoXARQu/E+RGbdsPRP3anK1qUE1QvVhsOyaPoIts6elMZnhi7chiSCQlUHcNF7t3hw54HgX33+iQvMLxfKUxHjqDc3g==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=b003.6002602b.k2101; bh=xe2DDE1nXZylYqCjWM+HY7tIas1Zrw5k3A26daDU67k=; b=sp3bHg0yhSQP3Gmv8oNe4woDM0QuJnTwhMNb0rAW9SL5OVZIn3NnlhUQ3rwPBcAv76xI+LvIMFQ/eVEJRQmhcxP0Q5fa2NZJ560nfcoY9i0GcUzcXSvdZ5RphoWCBt5J9yS5aN5aYbByIRCNhuD2OtJjhBl7T32HfBx+jD69yuJbqS1cs4Rkd48K405Wlh9q5dlDpNMXdpX/uNwQif4lxRoqAUkQBYwjFeLOP0V+ihTVs//unS27nXx/ep5ZLWRLsbJm0u2hlCIGaBxmrhkyRVpdU/xATp0CvPrFWXom94TaB5nxHJh8IgBgDieYOqly+zXZvAbZHGZwrh1IFX+X4Q==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 16 Jan 2021 03:40:26 -0000
Received: by ary.qy (Postfix, from userid 501) id 5C93F6AC0428; Fri, 15 Jan 2021 22:40:26 -0500 (EST)
Date: 15 Jan 2021 22:40:26 -0500
Message-Id: <20210116034026.5C93F6AC0428@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: dmarc@ietf.org
Cc: superuser@gmail.com
In-Reply-To: <CAL0qLwaZx97cztehz_o=cCVZRbEP_yFVS9hTqWDKg7cMgjNvFg@mail.gmail.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/PneYeYgl6KacWCS1rrxG00Qy-Qc>
Subject: Re: [dmarc-ietf] Forensic report loops are not a problem
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 16 Jan 2021 03:40:31 -0000

In article <CAL0qLwaZx97cztehz_o=cCVZRbEP_yFVS9hTqWDKg7cMgjNvFg@mail.gmail.com> you write:
>-=-=-=-=-=-
>
>How are implementers dealing with forensic report loops?
>
>Say I send a message from X to Y, whose DKIM signature fails.  Y sends me
>back a forensic report, whose DKIM signature also fails.  X sends a
>forensic report to Y, whose report fails, etc.  We need a way to break the
>loop.

If the reports are unaligned and their domain is requesting failure
reports, sending reports about the failure is exactly the right thing
to do.

I still don't understand why anyone thinks there is a problem to be
fixed. If you don't want reports, don't ask for them. If you think the
mail you send shouldn't be provoking DMARC failure reports, adjust
whatever is sending the mail the mail is aligned, or get rid of the
ruf= that asks for the reports. What am I missing here?