Re: [dmarc-ietf] Organizational domains, threat or menage, was On splitting documents and DBOUND

Jesse Thompson <jesse.thompson@wisc.edu> Fri, 13 November 2020 17:10 UTC

To: dmarc@ietf.org
References: <20201111181837.79128262943F@ary.qy> <f1eabf10-0278-a6cc-997b-333e89446c16@dcrocker.net> <6fd681e2-cabe-2fb0-61f4-9019ce98458e@taugh.com> <c18f2987-84d6-9ef4-b57d-912094e3031c@dcrocker.net> <CAMSGcLCOUG_a13kwgU==HdpHG+ZpMO5caO2tXKqk3TH=N7-8XA@mail.gmail.com> <CAJ4XoYc02dB8Ftocus67hV2eM4uHgYFQed2xP1b5RSKgvCz4NA@mail.gmail.com> <CAMSGcLC+n5HJU_pbE9VuMgEFs9BPeB32ZvAmjgSsr8kysdk_Ug@mail.gmail.com> <CAJ4XoYeUM07HnZihONo1oreL7UHDq+8+XckDg5KcKm5Abe-E1w@mail.gmail.com>
From: Jesse Thompson <jesse.thompson@wisc.edu>
Message-id: <903acb7d-847e-c87c-f21b-dcfa698bfd89@wisc.edu>
Date: Fri, 13 Nov 2020 11:09:27 -0600
In-reply-to: <CAJ4XoYeUM07HnZihONo1oreL7UHDq+8+XckDg5KcKm5Abe-E1w@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/UcqLc8o36z0gINkGgv1jj3foEaY>
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>

On 11/13/20 9:03 AM, dotzero@gmail.com wrote:
> On Fri, Nov 13, 2020 at 9:46 AM Joseph Brennan <brennan@columbia.edu> wrote:
>
>             As another case, would people be surprised that email for the medical center cumc.columbia.edu is a separate system managed by a separate IT group from columbia.edu, and that any authentication for one should not be applied to the other?  I don't think this is unique in large decentralized universities. The real email world is a complicated place.
>
>         The simple solution is for cumc.columbia.edu to publish its own record. Done.
>
>         Michael Hammer
>
>     I don't think I have the right to force the owner of another domain to publish dmarc. The owner of the other domain may want to allow users in their domain to contribute to lists and groups without having their messages rejected, or mangled by well-intentioned workarounds. This is not simple. This is a real-world case with the domains ending columbia.edu.
>
> If CUMC publishes a DMARC record for cumc.columbia.edu, how is it forcing another domain to do anything? As far as "owner of a domain", if Columbia University registered the domain columbia.edu, then CUMC is using the subdomain because Columbia University is allowing it to, presumably through some sort of written agreement. A technical standards body cannot address business and contractual arrangement in the manner you appear to be asking. If Columbia University stopped delegating the subdomain cumc.columbia.edu, would you turn to the IETF for redress?

You can't think of universities as single entities with central management authority.  For the longest time our CS department owned wisc.edu and central IT had to ask them for permission to use it for campus-wide email.

Yes, 3rd level domains should be encouraged to publish DMARC records for their domains to reflect how they are being used, and putting p=none is not a big ask of them.

The departmental IT who understand DMARC immediately ask: "How do I publish a subdomain policy?  Oh, I can't?  Well, you better not ever change sp=none at the org domain."

Jesse
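
The policy inheritance discussed in this message, as an added example that is not part of the original email: a sketch of RFC 7489 section 6.6.3 policy discovery showing that a third-level domain's own `sp=` is never consulted for names below it. The zone contents, the `example.edu` names and the one-entry suffix list are constructed for illustration.

```python
# Added illustration of RFC 7489 policy discovery; all records are constructed.
PUBLIC_SUFFIXES = {"edu"}  # constructed stand-in for the Public Suffix List

def parse_record(txt):
    """Split 'v=DMARC1; p=none; sp=reject' into a tag dict, or None if not DMARC."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v") == "DMARC1" else None

def org_domain(domain):
    """Organizational domain: the public suffix plus one more label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])

def discover_policy(from_domain, zone):
    """Return (policy, record_owner) for mail whose From domain is from_domain."""
    from_domain = from_domain.lower().rstrip(".")
    rec = parse_record(zone.get("_dmarc." + from_domain, ""))
    if rec:
        # Record at the exact From domain: its p= applies, its sp= is not used.
        return rec.get("p"), from_domain
    org = org_domain(from_domain)
    if org != from_domain:
        rec = parse_record(zone.get("_dmarc." + org, ""))
        if rec:
            # Fallback jumps straight to the org domain: sp= if present, else p=.
            return rec.get("sp", rec.get("p")), org
    return None, None

# Constructed zones: the org domain alone, then with a third-level record added,
# then with the org domain tightening sp= while the third level stays the same.
ZONE_ORG_ONLY = {"_dmarc.example.edu": "v=DMARC1; p=reject; sp=none"}
ZONE_WITH_MED = dict(ZONE_ORG_ONLY,
                     **{"_dmarc.med.example.edu": "v=DMARC1; p=quarantine; sp=reject"})
ZONE_SP_TIGHTENED = dict(ZONE_WITH_MED,
                         **{"_dmarc.example.edu": "v=DMARC1; p=reject; sp=reject"})

if __name__ == "__main__":
    for zone in (ZONE_ORG_ONLY, ZONE_WITH_MED, ZONE_SP_TIGHTENED):
        for name in ("med.example.edu", "lab.med.example.edu"):
            print(name, discover_policy(name, zone))
```

Under this lookup order, `lab.med.example.edu` follows whatever `sp=` the org domain publishes, regardless of what `med.example.edu` sets.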