Re: [dmarc-ietf] Ticket #1 - SPF alignment

"Murray S. Kucherawy" <superuser@gmail.com> Thu, 28 January 2021 20:41 UTC

From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Thu, 28 Jan 2021 12:40:49 -0800
Message-ID: <CAL0qLwbYxTXXXpx11L3f1CqBns=fSRho3C+S7q=-DmiPSvxKvg@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: IETF DMARC WG <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/VfqMsg3bHckQ7a0WSwPK-G-L_Dc>

On Thu, Jan 28, 2021 at 4:13 AM Alessandro Vesely <vesely@tana.it> wrote:

> > DKIM (in its simplest form) returns N tuples of the form (d= domain,
> > pass/fail).  All of them were run through exactly the same check; all of
> > them were attached to the message in exactly the same way; all of them have
> > essentially identical semantics.  Giving them equal footing makes sense to
> > me.
> >
> > The two identifiers in SPF hold different places in the SMTP session, and
> > have different semantics.  I think treating them differently is also just
> > fine.
>
> It is relevant that both identifiers come from /the same/ SMTP session.
> That's not true for many DKIM signatures.
>

I guess if report consumers really want this information, we can include
it.  I just don't see the value in the HELO parameter if it's effectively
random junk in the session.  At least a passing DKIM signature is
associated with a domain that existed at some point in time and whose DNS
contained apparently-valid public keys.  I can mostly type anything I want
to HELO or EHLO.

-MSK
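
An added example, not part of the message above and not code from any DMARC implementation: a relaxed-alignment check in which every passing DKIM `d=` domain is weighed the same way, while the HELO name stands in for the SPF identity only when the reverse-path is null (RFC 7208). The function names, the small suffix tuple standing in for the Public Suffix List, and all sample domains are constructed assumptions.

```python
# Assumption: a real verifier consults the full Public Suffix List.
PUBLIC_SUFFIXES = ("com", "org", "net", "it")

def org_domain(domain):
    """Organizational domain: the public suffix plus one label to its left."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])

def aligned(auth_domain, from_domain, strict=False):
    """Strict mode needs an exact match; relaxed mode compares org domains."""
    a = auth_domain.lower().rstrip(".")
    f = from_domain.lower().rstrip(".")
    return a == f if strict else org_domain(a) == org_domain(f)

def spf_identity(mail_from, helo):
    """RFC 7208: a null reverse-path is checked as postmaster@<HELO name>."""
    if mail_from:
        return mail_from.rsplit("@", 1)[-1], "mailfrom"
    return helo, "helo"

def dmarc_identifiers(from_domain, dkim_results, spf_result, mail_from, helo):
    """Return the (mechanism, domain) pairs that both pass and align.

    dkim_results is a list of (d_domain, passed) tuples, all treated equally.
    """
    hits = [("dkim", d) for d, ok in dkim_results
            if ok and aligned(d, from_domain)]
    domain, scope = spf_identity(mail_from, helo)
    if spf_result == "pass" and aligned(domain, from_domain):
        hits.append(("spf/" + scope, domain))
    return hits

# Constructed sample: three signatures on one message.
SAMPLE_DKIM = [("lists.example.org", True),
               ("mail.example.com", True),
               ("example.com", False)]

if __name__ == "__main__":
    # The client typed the From: domain as its HELO name; with a non-null
    # MAIL FROM that name plays no part in the result.
    print(dmarc_identifiers("example.com", SAMPLE_DKIM, "pass",
                            "bounce@other.example.net", "example.com"))
    # Null reverse-path (a bounce): the HELO name is the SPF identity.
    print(dmarc_identifiers("example.com", [], "pass", "", "mta.example.com"))
```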