IETF Logo Mail Archive

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

John R Levine <johnl@taugh.com> Fri, 23 June 2023 17:54 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D2785C1524AA for <dmarc@ietfa.amsl.com>; Fri, 23 Jun 2023 10:54:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.098
X-Spam-Level:
X-Spam-Status: No, score=-7.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b="siFSJeAJ"; dkim=pass (2048-bit key) header.d=taugh.com header.b="S4BjetB8"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0hGhUB9uAMaR for <dmarc@ietfa.amsl.com>; Fri, 23 Jun 2023 10:54:07 -0700 (PDT)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43BC3C1519BE for <dmarc@ietf.org>; Fri, 23 Jun 2023 10:54:06 -0700 (PDT)
Received: (qmail 67832 invoked from network); 23 Jun 2023 17:54:05 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=108f6.6495dc3d.k2306; bh=s9Vc85MFyBi4gOAivL9qTrw3MjoLesO4Bn9+/WQni/Q=; b=siFSJeAJHe4Hvyq7aYxe1WAwAqETWkNzWhxtfd8U81hVc3+lTGCZkc/EcjCz172r9xpStlHedsgKEfQg1PB9ECN6OSTIfY2XlYpkOw7CM7n9gZB3XoaXCI3piO7Xa1FRXKRbJWpNnPIqKD7Zmw0vP5KtpmAST3heASEC+w7/yZZ7SntAiIfOW3xc4QkkBTolA6nZsjJJkfMopkop7q+6i90e0EdnzQESu56Jr3XkrjGEYVfQcQKwWBeBNvU/p05Hita19cfsSfGwTFqU7DB0OQ7MJcdKJSpZ6Ay0/QmwcxumYBv2o98VwAsBABt8+QCfXDxMqjFbvgBPBmNSlIyC6A==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=108f6.6495dc3d.k2306; bh=s9Vc85MFyBi4gOAivL9qTrw3MjoLesO4Bn9+/WQni/Q=; b=S4BjetB8DZwRw9HV5Z4hYLVli9ZQFRag2ava653SOg09uebuanEsEFojV6ic6VRPR9FUY1/On6RSDAzuzHC8Ehd7eredpbnYhy8qL3UTv00h0aggYacbQMyjqfL/rMnSDttuZFlvlg0slBoDVi6yCgC3VF5EenCVvLM6GwzowZzFBBE51IwOTwLfmXj3uPAiRykL9U5OjEWem80XvYpziQYrLD0mTSrZivMH5s9TWcOAeRl6OGfGxJxvwEfaKfGtWFdo4H21DtPYSuM80NqXBFwdDRmk1HG3yYdtgYnZLFCirkmxfB7rqUTZ4QO50ZaRwSJr//B6XybdfcM7T68c/Q==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 23 Jun 2023 17:54:05 -0000
Received: by ary.qy (Postfix, from userid 501) id 8B0AEFA3700C; Fri, 23 Jun 2023 13:54:04 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 7F36FFA3700B; Fri, 23 Jun 2023 13:54:04 -0400 (EDT)
Date: Fri, 23 Jun 2023 13:54:04 -0400
Message-ID: <c1b091c1-86a9-d3e3-5fcb-0b8d7d33fcf2@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Emanuel Schorsch <emschorsch@google.com>
Cc: dmarc@ietf.org, emgu@google.com
X-X-Sender: johnl@ary.qy
In-Reply-To: <CAFcYR_U=qW0k5EC2_y+B1roXK91uzscT+vS5Y7jrNkG1bTxw5Q@mail.gmail.com>
References: <CABZJ8kmg75qo70V-N65b6C4w+g7gX0ehv3CsqG-765BbBGcn=A@mail.gmail.com> <20230623021810.E5F8DF9B3B94@ary.qy> <CAFcYR_WY8MEag7sup_7DnmzRuZJ7zeyJT6TATL45wCKBrsF3UQ@mail.gmail.com> <bfbe77ad-8aba-d803-de06-d734a177066b@taugh.com> <CAFcYR_U=qW0k5EC2_y+B1roXK91uzscT+vS5Y7jrNkG1bTxw5Q@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Uqb0z3GRem3xzUCIAb1PWkkF3qI>
Subject: Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Jun 2023 17:54:12 -0000

> My understanding is that if `auth=dkim` then SPF would be ignored from the
> perspective of DMARC. So  if a receiver sees DKIM is not DMARC aligned and
> only SPF is DMARC aligned then it would still be treated as a DMARC fail.

That's my understanding.

> It would be a way for senders to say "yes I checked that all my DKIM
> signatures are working and aligned, I don't need you to look at SPF and
> don't want to have the risk of SPF Upgrades.

So why do you publish an SPF record?  Presumably so someone will accept 
your mail who wouldn't otherwise, except you just said they shouldn't. 
Still not making sense to me.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

v2.23.0 | Report a Bug | By Email