IETF Logo Mail Archive

Re: [dmarc-ietf] DMARCbis issue: what is DMARC ?

Dotzero <dotzero@gmail.com> Sun, 26 May 2019 16:15 UTC

Return-Path: <dotzero@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B80DC1201A1 for <dmarc@ietfa.amsl.com>; Sun, 26 May 2019 09:15:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zaPAhXDpMZNb for <dmarc@ietfa.amsl.com>; Sun, 26 May 2019 09:15:29 -0700 (PDT)
Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com [IPv6:2a00:1450:4864:20::32b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29BE0120090 for <dmarc@ietf.org>; Sun, 26 May 2019 09:15:29 -0700 (PDT)
Received: by mail-wm1-x32b.google.com with SMTP id t5so13479072wmh.3 for <dmarc@ietf.org>; Sun, 26 May 2019 09:15:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Kgdv0XymMf7evx9z2zyw8LJLJGSglTNMO6pkch7x10I=; b=kez8tFQ6qYJ+zkJRLDN3GBZJXfDWvzb1XBAoobrIBDjxcQuSRoFadGlgdf8HblVKKC 7WJHv+TZ6qCo4zzKoFtwX2kDMmh2z6Q2Je5RDa1Jwea/ywXxVweOzeRW3EC3EpcE85Wl vDOxfAwQTOrYIU+iIEq74KwKPxOG54kXfDRf2V6rWLG/L2QAEwoxQ4rfUx6KBMNS52wX wwnDa7RSoTCUwe3qXI34vA5hkbHA/c6mn58dj+jcORte8Z8cT/ex5JE18F+jKs4vqyJa nI9iWvLZ2acpl9f/Vd/JtIZbePs5KJVIuhmixM8epcH8/Ozh7LalAhkbfckQsdOjiOwO Eqfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Kgdv0XymMf7evx9z2zyw8LJLJGSglTNMO6pkch7x10I=; b=ffBthiaNksj4jEYjOofi6WvLunW6zTJFu4FFJyuNR5XaVBt2Xb5mFFA6RAxYdyVGtf fK2xLtr9MuJYj6RijfEtFYUGFz4Ihrxy8KuYTvEjPIAida+z0vGAl0tPx1eQDgM9eKRv HQpUF2xsya9dJcwMmIrtA9WUF3bvsEVtLy50gMCQ63as+8vAbBrs0GdDPZmZCIirjdVR Y8WUGXaPwSGciHm9XzYRwutFb4ACGyle0rlJBbv39+I9jnh4VuLtucxAJIwm5km5VJOk JEgFCzu+W/Q37nqPx5qwqndo9tZVvqKnaczOpbDX5D8edp6p6krroENHR03SP8GZ8zDP Gx+w==
X-Gm-Message-State: APjAAAXobGNtBIwpAPOaPDwYVfRZJLlygYiElo4t2SpTtFGH/6ktxWVd MJy41mT/LnOSa9wyhcKK00R3hC9coPRAFEFxk4T9dQ==
X-Google-Smtp-Source: APXvYqzqDeErlgHj1Ky2Y5Ri3a21dDJPBJoaIaVtPBZE+S/KziBZUSRpHLmTFF25JQnCz3JRjGwHR7+ngU+VwMiPGho=
X-Received: by 2002:a05:600c:2116:: with SMTP id u22mr6818472wml.58.1558887327676; Sun, 26 May 2019 09:15:27 -0700 (PDT)
MIME-Version: 1.0
References: <20190523225213.C214620147B780@ary.qy> <ab587c42-dd2f-2403-999a-c7d559764726@bluepopcorn.net> <alpine.OSX.2.21.9999.1905241036450.50141@ary.qy> <280824a0-536b-91f1-8072-f7d1cf3051aa@bluepopcorn.net> <alpine.OSX.2.21.9999.1905241416240.51329@ary.qy> <4e4a59d7-e652-48f1-feb1-09d948c3eb04@bluepopcorn.net>
In-Reply-To: <4e4a59d7-e652-48f1-feb1-09d948c3eb04@bluepopcorn.net>
From: Dotzero <dotzero@gmail.com>
Date: Sun, 26 May 2019 12:15:16 -0400
Message-ID: <CAJ4XoYfga+aX8J+aap6hN+EkZ=OrU0DnAXaCbqBjTwv3fAWUfA@mail.gmail.com>
To: Jim Fenton <fenton@bluepopcorn.net>
Cc: John R Levine <johnl@taugh.com>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006946ab0589ccbdc3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/XJ3--9xG9__xljSbZzAUzjiEu4c>
Subject: Re: [dmarc-ietf] DMARCbis issue: what is DMARC ?
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 26 May 2019 16:15:32 -0000

See below.

On Fri, May 24, 2019 at 2:39 PM Jim Fenton <fenton@bluepopcorn.net> wrote:

> On 5/24/19 11:25 AM, John R Levine wrote:
> > On Fri, 24 May 2019, Jim Fenton wrote:
> >> I hope this isn't devolving into a "we can't make any changes, because
> >> it might break something" argument.
> >
> > I don't think so, but we also have a tradition of minimizing the
> > changes to what's needed.  Look at RFCs 2821 and 5321 for example,
> > where they deliberately left the section numbering and most of the
> > language alone and fit the changes into the existing structure.
>
>
> I consider that to be a different situation because both were Standards
> Track. This is situation where we are starting with an Informational
> RFC, although granted it has more deployment experience than many things
> that go to Standards Track.
>
> >
> >> 1. When an MTA product says that it "supports DMARC", does that mean
> >> that it has to support both policy and reporting? ...
> >
> >> 2. Along similar lines, I get confused when I hear that x% of {some set
> >> of domains} has "deployed DMARC". What does that mean? ...
> >
> > Deploying DMARC seems to mean any subset of these:
> >
> > 1a.  Publish a DMARC record
> > 1b.  Publish a DMARC record with a restrictive policy
> > 2a.  Evaluate DMARC status of incoming messages
> > 2b.  Use that status to manage message disposition
> > 3.   Collect reports
> > 4a.  Send aggregate reports
> > 4b.  Send failure reports
> >
> > It is my impression that most domains that have "deployed DMARC" have
> > done 1b and 3.  I've done 1a, 2a, 3, and a very small amount of 2b.
> > Only a few sites do 4a and even fewer do 4b.
> >
> > I'm getting the impression that what we need is a non-normative
> > deployment guide, not as part of the spec.
>
>
> Although Section 8 of the spec currently has normative requirements for
> implementations. Yes, that's different from deployment but having those
> requirements to implement something that isn't deployed much (4a
> specifically) seems unnecessarily burdensome.
>
> I think you are underestimating the deployment. Many receiving/validating
> organizations have privacy concerns about promiscuously disseminating
> reports. As a result, these organizations limit reports to senders with
> which they have either direct contractual relationships or intermediaries
> with which they have contractual relationships. Personally I would prefer
> to see more and better reporting but I recognize the issues involved. It's
> important to recognize that senders publishing DMARC records are indicating
> their policy preferences to receivers which choose to validate for DMARC.
> Receivers which choose to validate DMARC are not required to provide
> records in response to sender requests. I know that reporting is valuable
> for senders and to the extent possible we should be finding ways to
> encourage and support reporting.
>

Michael Hammer

>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email