IETF Logo Mail Archive

Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

Dotzero <dotzero@gmail.com> Wed, 23 December 2020 10:56 UTC

Return-Path: <dotzero@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4789F3A0EA4 for <dmarc@ietfa.amsl.com>; Wed, 23 Dec 2020 02:56:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HktZ-ztHO_lE for <dmarc@ietfa.amsl.com>; Wed, 23 Dec 2020 02:56:16 -0800 (PST)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 71CEA3A0EA2 for <dmarc@ietf.org>; Wed, 23 Dec 2020 02:56:16 -0800 (PST)
Received: by mail-qv1-xf2e.google.com with SMTP id a4so7053713qvd.12 for <dmarc@ietf.org>; Wed, 23 Dec 2020 02:56:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ibAk/LFXoDSS3oxWS3dBYV/KZBo0e5bavLqLSUBCrTE=; b=Ys0QbXDJTGk4L3sJAjgrUc7TeMTVDryMd73biIP+mdb8fNpUHwKkIghBBBa5PWwEYh OwFibzgi3wHq1Erq99zX6qj7l5XE+sPGgn2UaOCTCVQHuV6dl8QirKuFGSU2IcHfnzaK UwUbxXmpsYLhVuSrk30SjzrjVaBhPN5UUMJXI+9GIv2e7sru1ezuMhwffP7QfVcFm3et /loQl+08McbIsO0ECSoVkupMqfnlrnHkGPHJKYueEVWDYQ89wj6IMaXPGMdIHJZ6DQBU juR6ITr5lSNXQNlQkVbC/8MoTbNrbM52zh+QQmz8lMkpaOT87TqKILaOi8NttV1M8DDs BBZw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ibAk/LFXoDSS3oxWS3dBYV/KZBo0e5bavLqLSUBCrTE=; b=Qi+HBxyKXyyVlz1nSnYvR8qTResD8D/435uhHBO2KqdPLrs2Pr8grd/vez2Gv0vcGX sDu+ttJZ4pTLz/+z6W4zFwiXaDIXdkd5KpcFQFDC5kZr3xR5fv1oqIZxXBywR41YRPV2 Udump1d/jUeTxlFYBVwLtI75kSHX6TNTStzZMwitH9p+N4XGtzmN1NPQsxBB1AcpOGWZ DWiXVZQCstim1dTF9eg/3ebN+/Ps0M4HwktEvmnrQUE84S5TkXhWSwJw2n/bP4hrQ2k/ SxasUWC0hpyLbJLbh3rZXqpDgoDR0rbV02VJQaYJmdOHJ7qCJM+kjPhiQdRCW3awKXzN jiXg==
X-Gm-Message-State: AOAM531dfFkHxoF8zgkix/zyN6T375+SfFtdS+0R30n690suoJvwTDQU qm8GMOBb5sQEct1ZhUwxuVCqln3OcnoxH6Z3dZ0=
X-Google-Smtp-Source: ABdhPJz/o/tUiQnyatqtY5guBJ37onH3gHO1e/MTdXwcKxjGe1b69eXgpDKX2+MlwQR81T/Zcm0ifqxt2HBFVavHCuI=
X-Received: by 2002:a0c:dc13:: with SMTP id s19mr26504292qvk.26.1608720975462; Wed, 23 Dec 2020 02:56:15 -0800 (PST)
MIME-Version: 1.0
References: <20201218023900.E73B82ACBB2B@ary.qy> <4a43ffaa-3987-c892-cce7-56f18888cdf5@tana.it> <39125012-e356-d62d-36fd-a7ff25a9f59f@taugh.com> <e6880ba9-f5f3-1050-25c0-658551187512@tana.it> <6bba023-d3d9-63a5-8441-11dac9a05e28@taugh.com> <74051a64-871a-db72-b5d9-1be374e23015@tana.it> <a323077-9b64-555b-3561-62cdc93819fd@taugh.com> <a8281e16-9417-5189-df73-79ea0a865fbd@tana.it> <c713b9ae-a364-1ae0-e79-55f61624aa3d@taugh.com> <3034face-b6fc-0ce2-fa1b-f59210bd6f5b@tana.it> <46339b38-3b24-bcb7-5e73-8a97038ed69@taugh.com> <3997c81d-3b30-0823-a752-fb1d60a44593@tana.it> <74a5c37-19a6-6f6f-a51d-6e5cca5b29e8@taugh.com>
In-Reply-To: <74a5c37-19a6-6f6f-a51d-6e5cca5b29e8@taugh.com>
From: Dotzero <dotzero@gmail.com>
Date: Wed, 23 Dec 2020 05:56:04 -0500
Message-ID: <CAJ4XoYdXWTgADpdL1eJuYGnpSY038vj-FW_x1f2rEp1JL0r2oA@mail.gmail.com>
To: John R Levine <johnl@taugh.com>
Cc: Alessandro Vesely <vesely@tana.it>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000049070a05b71f8a87"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/TzgFXnWLRVN2jG0wlkElHkz54Bc>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Dec 2020 10:56:18 -0000

On Tue, Dec 22, 2020 at 11:39 AM John R Levine <johnl@taugh.com> wrote:

> I think that text is way too long and overspecific but we've already spent
> too much time on this so I'll stop and see if there are other opinions.
>
>
> On Tue, 22 Dec 2020, Alessandro Vesely wrote:
> > OLD
> >
> >   "Failure reports," or "failed message reports," provide diagnostic
> >   information about messages that a Mail Receiver has determined do not
> >   pass the DMARC mechanism.  These reports are generally sent at the
> >   time such messages are received and evaluated, to provide the Domain
> >   Owner with timely notification that such failures are occurring, and
> >   to provide information that may assist in diagnosing the cause of the
> >   failures.
> >
> >
> > NEW
> >
> >   Failure reports provide detailed information about the failure of a
> single
> >   message or a group of similar messages failing for the same reason.
> They
> >   are meant to aid extreme cases where a domain owner is unable to
> detect > why
> >   failures reported in aggregate form did occur.  As an extension of
> other
> >   kinds of failure notifications, these reports can contain either the >
> content
> >   of a failed message or just its header.  The latter characteristic
> entails
> >   severe privacy concerns.  For that reason, and because it turned out
> not > to
> >   be important, failure reporting is usually disabled.
>
>
The following is factually and technically incorrect: " The latter
characteristic entails severe privacy concerns." The latter characteristic
"the header". In fact, the full message can contain much more PII and/or
PHI.


> Regards,
> John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly


I agree with John. I'll go further and say that the working group should
focus on what the IETF does best - technical specifications that involve
interoperability - and avoid straying too far into the realms of law and
politics. While the EU and GDPR may impact choices that operators make,
there are other legal jurisdictions in the world. Further, my experience
has been that many operators (receivers) only provide failure reports when
contractual relationships (direct or indirect) exist between the parties
involved. This can certainly meet the privacy requirements of GDPR and
other privacy regulations.

In conclusion, suppositional assertions such as " For that reason, and
because it turned out not to be important, failure reporting is usually
disabled." should not be included in the proposed standard. Could someone
(anyone?) provide data that failure reports are not important? One example
of the importance and usefulness of failure reports is for domains that
actually have control of their mail flows. By pulling all the URLs from
failure reports (received through a contracted party) and then removing all
the URLs which we included in the mail that we had originally sent, all
that was left was 100% badness and maliciousness. This significantly
empowered our takedown efforts.

Michael Hammer

v2.23.0 | Report a Bug | By Email