Re: [dmarc-ietf] ESC for Failed DMARC Validation

Дилян Палаузов <dilyan.palauzov@aegee.org> Fri, 02 August 2019 21:27 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/SWnOZ0H0jgl2PGoIe-XV_VIJeVo>

Hello,

these are already now two ESC: 2.7.30 and 5.7.30.  X.7.30 means in both cases, that DMARC validation failed.

For a domain with policy p=reject; pct=0 the mail is delivered (250 2.7.30), despite failed DMARC, and for a domain with
p=reject; pct=100 when DMARC failed and the mail is rejected (550 5.7.30).

Please propose a different wording, I do not see a contradiction in my wording.

Who will use it?

I asked, why failure reports are not sent by some sites, and would the ones, who do not send failure reports, use the
X.7.30 code. (Thus, if for failure reports there are concerns, while for ESC X.7.30 there are no concerns).

I expect that at least parties who want to fix their DMARC/DKIM implementation will use it.  The aggregate reports
provide hints, that the DKIM implementation does not work.

This ESC is not meant as a shortcut to collecting a lot of reports and analyzing them, it is a means to act when no
reports are sent.

Regards
  Дилян

On Fri, 2019-08-02 at 23:06 +0200, Rolf E. Sonneveld wrote:
> On 02-08-19 22:54, Murray S. Kucherawy wrote:
> > The wording you're using seems inconsistent to me. Specifically,
> > you're saying that x.7.30 means one thing when attached to a 
> > 200-series reply, but the opposite when attached to a 500-series 
> > reply.  I would prefer to see two separate codes if you're going to do 
> > this.
> > 
> > But the bigger question is implementation.  Who would make use of 
> > this, either as a sender or a receiver?
> 
> a receiver could assist a sender in adjusting its egress mail process 
> without the need for the receiver to collect a lot of DMARC reports and 
> analyse them. A sender could use it to improve its outbound mailflow. I 
> doubt however whether anyone will implement this as it assists possible 
> adversaries as well...
> 
> /rolf
>
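
Added example, not part of the original message or of any mail server's code: a sender-side sketch of how the X.7.30 code proposed in this thread could be read from SMTP replies, covering both the accepted (250 2.7.30) and rejected (550 5.7.30) cases. X.7.30 is the proposal under discussion here, the function names are hypothetical, and the sample replies are constructed.

```python
import re

# One SMTP reply line: 3-digit code, "-" (more lines follow) or " " (last), text.
REPLY_LINE = re.compile(r"^(\d{3})[ -](.*)$")
# Enhanced status code (RFC 3463): class.subject.detail, class is 2, 4 or 5.
ESC = re.compile(r"^([245])\.(\d{1,3})\.(\d{1,3})(?:\s|$)")


def parse_reply(lines):
    """Parse one (possibly multiline) SMTP reply into (code, esc, text)."""
    code, esc, text = None, None, []
    for raw in lines:
        m = REPLY_LINE.match(raw.rstrip("\r\n"))
        if not m:
            raise ValueError(f"not an SMTP reply line: {raw!r}")
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changes within one reply")
        code, rest = m.group(1), m.group(2)
        e = ESC.match(rest)
        if e:
            # The ESC class mirrors the first digit of the reply code (RFC 2034);
            # a mismatch means the line cannot be trusted as a status signal.
            if e.group(1) != code[0]:
                raise ValueError(f"ESC class {e.group(1)} does not match reply {code}")
            esc = esc or tuple(int(g) for g in e.groups())
            rest = rest[e.end():]
        text.append(rest.strip())
    return code, esc, " ".join(text)


def dmarc_signal(lines):
    """Classify a reply by the X.7.30 code proposed in this thread."""
    _, esc, _ = parse_reply(lines)
    if esc is None or esc[1:] != (7, 30):
        return None  # reply says nothing about DMARC validation
    # Only the two cases described in the message are mapped.
    return {2: "failed-but-accepted", 5: "failed-and-rejected"}.get(esc[0])


# Constructed sample replies, not taken from a real server.
ACCEPTED = ["250 2.7.30 Message accepted, DMARC validation failed"]
REJECTED = ["550-5.7.30 DMARC validation failed",
            "550 5.7.30 Message rejected by policy"]
UNRELATED = ["250 2.0.0 Ok: queued"]

if __name__ == "__main__":
    for reply in (ACCEPTED, REJECTED, UNRELATED):
        print(reply[-1], "->", dmarc_signal(reply))
```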