Re: [dmarc-ietf] Proposed text for p=reject and indirect mail flows

Matthäus Wander <mail@wander.science> Mon, 10 April 2023 10:53 UTC

John Levine wrote on 2023-04-09 15:55:
> When someone sets a DMARC policy for mail from people, it's hard to
> think of a time when they asked at all whether that was what the
> people wanted. Or if they did, they asked something like "do you want
> your mail to be more secure?" which misses the point.

A domain owner can set their policy without asking their users for 
permission. Not every sender with mail from people is a mail service 
provider catering to the general public.

> PS: I can make anyone's mail 100% secure by unplugging your mail
> server but I'm pretty sure that's not what you want.

You can also ensure interoperability by demanding they MUST NOT use any
type of authentication, because all it does is impair mail flows,
while the security benefit is nothing that IETF standards should
mandate.

Neither of these extremes is helpful to actually achieve 
interoperability or security.

Regards,
Matt