IETF Logo Mail Archive

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

Barry Leiba <barryleiba@computer.org> Fri, 23 June 2023 18:51 UTC

Return-Path: <barryleiba@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 573A1C13AE58 for <dmarc@ietfa.amsl.com>; Fri, 23 Jun 2023 11:51:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.55
X-Spam-Level:
X-Spam-Status: No, score=-1.55 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.096, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BS6zTXDpZrxc for <dmarc@ietfa.amsl.com>; Fri, 23 Jun 2023 11:51:07 -0700 (PDT)
Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B6952C13AE25 for <dmarc@ietf.org>; Fri, 23 Jun 2023 11:51:07 -0700 (PDT)
Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-3fa7cd95dacso10905845e9.3 for <dmarc@ietf.org>; Fri, 23 Jun 2023 11:51:07 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687546266; x=1690138266; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=3v7nYSDI8MNiVQb42xH+MihepXBUKoBTfziXWYgQuBA=; b=E0iHK14E/gGK+n+ADEAU+/pY+PPOWwB2qC00MHag1Sv4kIqVFxSnnlxyiGzM0GNfvc VWcXZM4ab9mLpLMmgSuJ7TTpJLDf9pSDQpq/+VfeEtODC2oUpeTtg944KAatO9giyphM 2T5CIYWuW/D25GkMeqX9aWDw4PFShcUJrrwCj2pUrHrzyFM9mojSUFCZX6q8+GqSyFOC rHROTU10a6tqb6IsMfP0P+uxJVKG6Yufw36giiQzL7vp+ysxZLC7ybGx3u6zWxQ9GGDB nOIFHxPt9/YVw4X4f5SfiGo80AQ6HpTETlMMBg8SeLvWlLZb6sJUnjaqBwh85qzRF2Vo SCNA==
X-Gm-Message-State: AC+VfDyjVxS4n3lPHuZxElVShWNfWFbUJ/wieKbloCdYO+I7s0W2kGLU OcyukmB/oVSqJw74O7pS59Icm6ipA6C4MLiNWPaJ9pwr
X-Google-Smtp-Source: ACHHUZ5EXl2kwwwL2dl8JzrRtPNJmsLk4voKXN6CnZEhJnSQ530zXKIpQk+JpVMcuHgqKi5HNdJxRz6NDrB0NiSaRAk=
X-Received: by 2002:a7b:c5d7:0:b0:3f8:2777:15e with SMTP id n23-20020a7bc5d7000000b003f82777015emr17534721wmk.31.1687546265747; Fri, 23 Jun 2023 11:51:05 -0700 (PDT)
MIME-Version: 1.0
References: <CABZJ8kmg75qo70V-N65b6C4w+g7gX0ehv3CsqG-765BbBGcn=A@mail.gmail.com> <20230623021810.E5F8DF9B3B94@ary.qy> <CAFcYR_WY8MEag7sup_7DnmzRuZJ7zeyJT6TATL45wCKBrsF3UQ@mail.gmail.com> <bfbe77ad-8aba-d803-de06-d734a177066b@taugh.com> <CAFcYR_U=qW0k5EC2_y+B1roXK91uzscT+vS5Y7jrNkG1bTxw5Q@mail.gmail.com> <c1b091c1-86a9-d3e3-5fcb-0b8d7d33fcf2@taugh.com>
In-Reply-To: <c1b091c1-86a9-d3e3-5fcb-0b8d7d33fcf2@taugh.com>
From: Barry Leiba <barryleiba@computer.org>
Date: Fri, 23 Jun 2023 14:50:53 -0400
Message-ID: <CALaySJ+tKTCEJcNR0ehCNq6rGz-ARe=P72OTgOuKoAj1G1zjmA@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Cc: dmarc@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/TvwmvwGLoDtZnHydY9a6-l98NuY>
Subject: Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jun 2023 18:51:11 -0000

Presumably, a sender who uses DMARC might publish SPF to cover
recipients who don't use DMARC, but would prefer that recipients use
DMARC (authenticated by DKIM only).

Barry

On Fri, Jun 23, 2023 at 1:54 PM John R Levine <johnl@taugh.com> wrote:
>
> > My understanding is that if `auth=dkim` then SPF would be ignored from the
> > perspective of DMARC. So  if a receiver sees DKIM is not DMARC aligned and
> > only SPF is DMARC aligned then it would still be treated as a DMARC fail.
>
> That's my understanding.
>
> > It would be a way for senders to say "yes I checked that all my DKIM
> > signatures are working and aligned, I don't need you to look at SPF and
> > don't want to have the risk of SPF Upgrades.
>
> So why do you publish an SPF record?  Presumably so someone will accept
> your mail who wouldn't otherwise, except you just said they shouldn't.
> Still not making sense to me.
>
> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc

v2.23.0 | Report a Bug | By Email