Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows

Pete Resnick <resnick@episteme.net> Wed, 29 March 2023 01:06 UTC

From: Pete Resnick <resnick@episteme.net>
To: Todd Herr <todd.herr@valimail.com>
Cc: dmarc@ietf.org
Date: Wed, 29 Mar 2023 10:06:06 +0900
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/VU2rxtPnf97oemZrvpKoLQwfmEo>

On 29 Mar 2023, at 5:20, Todd Herr wrote:

> In my estimation, the language you propose here establishes the 
> primacy of interoperability over the needs/wishes of the domain 
> owner. 

As is appropriate for such normative language. From RFC 2119:

6. Guidance in the use of these Imperatives

    Imperatives of the type defined in this memo must be used with care
    and sparingly.  In particular, they MUST only be used where it is
    actually required for interoperation or to limit behavior which has
    potential for causing harm (e.g., limiting retransmisssions)  For
    example, they must not be used to try to impose a particular method
    on implementors where the method is not required for
    interoperability.

> My preference is for language that acknowledges the primacy of the 
> domain owner over interoperability.

Not only ought there not be primacy of the needs/wishes of the domain 
owner over interoperability, the IETF has repeatedly rejected such a 
principle. An implementer might decide to implement a security backdoor, 
but our protocol documents say that you MUST NOT do that. An implementer 
might decide to violate TCP retransmission timer requirements to get 
better performance, but our protocol documents say that you MUST NOT do 
that. We document interoperability; we do not give primacy to the wishes 
of domain owners.

If you agree that interoperability is increased, then I'd suggest that 
you actually do agree that the proposed text is appropriate.

pr
-- 
Pete Resnick https://www.episteme.net/
All connections to the world are tenuous at best