Re: [dmarc-ietf] Recipient domain in aggregate reports (#23)

John Levine <johnl@taugh.com> Tue, 04 May 2021 02:49 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D7D43A209A for <dmarc@ietfa.amsl.com>; Mon, 3 May 2021 19:49:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.85
X-Spam-Level:
X-Spam-Status: No, score=-1.85 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=WNhw634u; dkim=pass (2048-bit key) header.d=taugh.com header.b=KBGm0bpH
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id htRHn8FYycam for <dmarc@ietfa.amsl.com>; Mon, 3 May 2021 19:49:46 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DFF4C3A2099 for <dmarc@ietf.org>; Mon, 3 May 2021 19:49:45 -0700 (PDT)
Received: (qmail 33041 invoked from network); 4 May 2021 02:49:43 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=810b.6090b647.k2105; bh=NVFfNtgklUPdalOMLiHkBbg0YLxokKR88bIg+UOj5qk=; b=WNhw634uOSmbho0SkzlkDN00weVMWqa91HiO+XS+WCfshmy+RiVuXNc86jQbUqNqwukxHWgc+6eWogl1Obwun2Tm0tDFt0GaKWi5PFQtWIU46boaHFvblCCje1FxFk6nhAOmJ2K0rcJ1MYBp4Qu4yUNQ6A9DNHMqbzm8BADkC5js3hYTlBU6la9v80uISbIaUvAZZ39518+ELWfN2h1d4PM7lveBZBDJ7dHNhHR11dje7lkOk9UkLt6nbMfu4owlgeOgM6AhwIGmkF+qTAnPECcJuFvI/v99qJ3QXbjHahRCSwZHWc/Kn37N5bpdF13eommHZnY3QF94nV4pUzeN1w==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=810b.6090b647.k2105; bh=NVFfNtgklUPdalOMLiHkBbg0YLxokKR88bIg+UOj5qk=; b=KBGm0bpHxHRtZhHO2DjL9ukig4Cs3nOq+pyFXEP/S8iRC2fHnA7OPUCNLLhqUWtkmmqNFQoBMTEOxFr0VyZuZcupaqyXXJ+raWM0zU/CZd7iuT2E+FSCdoFy7xauWgqsObTO6QY6MawOV0xxwhA/jLbBboQ0yq5gXtOx9k80x8xzRkwImBzPyTN4sbkULUsIhUv5qF1EXud+b9mNs5YHuzb/GEt+Fo31bkyoTKI+cKHoiVkqY9Let583f+e0EdLw0fSp7tTH5oA/QnABJ/7zl2QMaj37Yai21r80D3q5pPTXbl95j/jDJl0g0zt4OUbPaLdcZy4W/04+qgGyhQkbjg==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 04 May 2021 02:49:43 -0000
Received: by ary.qy (Postfix, from userid 501) id D79146F34FE; Mon, 3 May 2021 22:49:41 -0400 (EDT)
Date: 3 May 2021 22:49:41 -0400
Message-Id: <20210504024942.D79146F34FE@ary.qy>
From: "John Levine" <johnl@taugh.com>
To: dmarc@ietf.org
Cc: dougfoster.emailstandards@gmail.com
In-Reply-To: <CAH48ZfzH24kw9Rn8t_r-WmsBVQKcrNnV9Px0Gr7ufJcSncmUuQ@mail.gmail.com>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset=utf-8
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/RREscvDmLrjcjV2mIrGNsxq4p7U>
Subject: Re: [dmarc-ietf] Recipient domain in aggregate reports (#23)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 May 2021 02:49:51 -0000

It appears that Murray S. Kucherawy  <superuser@gmail.com> said:
>Is that enough?  If I control a domain, I can make up any number of
>apparently-valid envelope addresses I want.
>
>Using DKIM selectors for tracking will also put a huge load on DNS if
>> implemented at scale [...]

Hi.  Passive-aggressive mail operator here.  I have an unlimited number
of addresses in multiple domains (some catchall, some a long list of
explicit addresses) and through the magic of wildcards, every outgoing
message gets a unique DKIM selector.  (If you follow RFC 8198, the DNS
load is insignificant.)

There is a long history of people who thought they did enough
aggregation of various kinds of PII to prevent identification of
individuals and later found out that oops, no, they didn't. So let's
not even try that route.

R's,
John