Re: [dmarc-ietf] Ticket #1 - SPF alignment

John R Levine <johnl@taugh.com> Sat, 30 January 2021 22:09 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C90DF3A11CB for <dmarc@ietfa.amsl.com>; Sat, 30 Jan 2021 14:09:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=eT8solQz; dkim=pass (2048-bit key) header.d=taugh.com header.b=mXdDDYIs
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 212p5j59IquS for <dmarc@ietfa.amsl.com>; Sat, 30 Jan 2021 14:09:10 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6A6463A11CA for <dmarc@ietf.org>; Sat, 30 Jan 2021 14:09:10 -0800 (PST)
Received: (qmail 17414 invoked from network); 30 Jan 2021 22:09:07 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=437b.6015d903.k2101; bh=a/vQGy9CogTrDd+rmIyrwcVvjdn9s3nZosN3rmPHphI=; b=eT8solQzOQQBGcTVRJ2DJa4otBVxQylwgtShDBM+K+0kAU4wqO67fzyapjonbfqmS5AchjB6R4G8EqGWWEDRLma/RAN7spvnUBYGrvfuGtAoso1NdBHCIPAffrrdaU0nsabtkzPI41c+rJVI3eGiklYPmcks79ynPVVCuFpdldsgAmcIWcyN7GegPjAPGY4e8JVnz1JqpuKnxaVlur6NJnVixZeWXJJkg5CtUYAf97FppNgIIZtoINiECln5Wz2eFvo5m8iGUytmYbVtKnAeXMlBQGWbApXxBgqYPL28rAR1ZO0GPM6+ykLSnhI+6DS0LJPXvLZSaa6z39/zgdubHg==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=437b.6015d903.k2101; bh=a/vQGy9CogTrDd+rmIyrwcVvjdn9s3nZosN3rmPHphI=; b=mXdDDYIsYVQvqO8bArdEORCEy7ngU+bbaE+R/4LL0isr1w1W8H0QzQVQ3aGVnRYS8oVskEa1MaX3SwJfXVLsuQv3ivJVHI8U1UwI8wo4TLT7hTYibdr4X1fH/U+KwWFebWtk1zI/1x5LA7ZOw3oRGo164eqjypXHVZwkq5VryRgaFiDCyl/IvbgN8ZBIvzM8Bi/dgzqpVeLeNNNEYXF0PR3tRtM0Jnks8SDlxUaPkKr0m4ZRCLuCoHX6EBLEBNkPX5RsRxF/OP4NXARzjGUm+b40SqTOTQDgD0RQHtBwye83hPcNb+fB7xKhz3uy8E+CWxNSCFDm/65ecbv/eZ9NKw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 30 Jan 2021 22:09:06 -0000
Received: by ary.qy (Postfix, from userid 501) id 8D1516D05156; Sat, 30 Jan 2021 17:09:06 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 51BCD6D05138; Sat, 30 Jan 2021 17:09:06 -0500 (EST)
Date: 30 Jan 2021 17:09:06 -0500
Message-ID: <ae9761b9-1560-da7e-89e5-34f570d24fc5@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Jim Fenton" <fenton@bluepopcorn.net>
Cc: dmarc@ietf.org
In-Reply-To: <892F89B5-F86C-4BAD-A88F-C7A48B930D04@bluepopcorn.net>
References: <20210130212339.447316D04763@ary.qy> <66EB1EFC-753D-49FA-8652-BABB10397990@bluepopcorn.net> <1edea785-2420-9812-643-c38bc4bf9577@taugh.com> <892F89B5-F86C-4BAD-A88F-C7A48B930D04@bluepopcorn.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="0-1804830107-1612044546=:95381"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/WWh1thKaemfqiaKtQAFG78Vea6Q>
Subject: Re: [dmarc-ietf] Ticket #1 - SPF alignment
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Jan 2021 22:09:13 -0000

On Sat, 30 Jan 2021, Jim Fenton wrote:
>> Part of the problem here is that DMARC generally sits on top of an SPF 
>> library which doesn't tell you how it got its result.  My DMARC code just 
>> calls the SPF library and uses the result.  I suppose I could put in a hack 
>> to say don't use the SPF result if the MAIL FROM is null, but I don't think 
>> that's what 7489 says.
>
> Are changes to 7489 off the table here? I didn’t know.

They are certainly possible, but I would want a good reason.  At this 
point, SPF using HELO seems harmless so I don't see a reason to disallow 
it.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly