[dmarc-ietf] Ticket #28 - Failure report mail loops
Alessandro Vesely <vesely@tana.it> Fri, 04 December 2020 11:10 UTC
Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78FB63A09C6 for <dmarc@ietfa.amsl.com>; Fri, 4 Dec 2020 03:10:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.12
X-Spam-Level:
X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EtO9Hh_oCKau for <dmarc@ietfa.amsl.com>; Fri, 4 Dec 2020 03:10:32 -0800 (PST)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 84B6A3A09C4 for <dmarc@ietf.org>; Fri, 4 Dec 2020 03:10:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1607080228; bh=Obe1tfuB3p8C3dODDBxqzjoOpT3CmF4DCfGT4sIlZFg=; l=2001; h=To:From:Date; b=BMlLFE9usEo4FtATQ1cLgWbTqKvPg2dCngx/kY2b4UzQFkuaMV1sXuJBcZhN/c5FC yxoN/eoZ+qsAFANb/cn08Q2RlKjGIvc+KN/+GLoSSsWXFpAFqTtEE1PHO5gdammm2V +iS+EWGkCLGeUuU/OVhhxBWalKCGSaJ3fnX0yMUzwnrYEP/pI42cBFLe7hpwx
Authentication-Results: tana.it; auth=pass (details omitted)
Original-From: Alessandro Vesely <vesely@tana.it>
Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC083.000000005FCA1924.00003BF2; Fri, 04 Dec 2020 12:10:28 +0100
To: dmarc-ietf <dmarc@ietf.org>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <0408ae98-e1c1-71fe-fdd4-8bc7a7c151d3@tana.it>
Date: Fri, 04 Dec 2020 12:10:28 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/W3uGPEpT3Yi5lqKntZXyL8jkNjk>
Subject: [dmarc-ietf] Ticket #28 - Failure report mail loops
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2020 11:10:35 -0000
We would like to close this ticket by Dec 18, two weeks from now, so please get
on it.
The ticket originated from John's comment, in May 2019:
Apropos recent discussions, we could recommend that failure reports be
rate limited per recipient both to break loops and to deter indirect
mail bombing.
The current draft discusses the topic toward the end of the introduction of
Section 3, before the first subsection:
An obvious consideration is the denial-of-service attack that can be
perpetrated by an attacker who sends numerous messages purporting to
be from the intended victim Domain Owner but that fail both SPF and
DKIM; this would cause participating Mail Receivers to send failure
reports to the Domain Owner or its delegate in potentially huge
volumes. Accordingly, participating Mail Receivers are encouraged to
aggregate these reports as much as is practical, using the Incidents
field of the Abuse Reporting Format ([RFC5965]). Various aggregation
techniques are possible, including the following:
* only send a report to the first recipient of multi-recipient
messages;
* store reports for a period of time before sending them, allowing
detection, collection, and reporting of like incidents;
* apply rate limiting, such as a maximum number of reports per
minute that will be generated (and the remainder discarded).
Some issues the WG may want to consider:
1. That whole passage should be moved to its own subsection of Section 5,
"Security Considerations". Only a reference should be left in the intro.
2. In the first *-bullet above, the sense of multi-recipient is ambiguous. An
explicit mention of ruf= might help.
3. The 2nd and 3rd *-bullets may need expansion. Propose text in case.
4. Some explicit loop prevention specification may be added. For example:
4.1. send reports from a subdomain having a DMARC record without ruf=, or
4.2. never send failure reports about failed reports.
Best
Ale
--
- [dmarc-ietf] Ticket #28 - Failure report mail loo… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… John Levine
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Murray S. Kucherawy
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… John Levine
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… John Levine
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… John Levine
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… John R Levine
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Dave Crocker
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Alessandro Vesely
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… John R Levine
- Re: [dmarc-ietf] Ticket #28 - Failure report mail… Alessandro Vesely