Re: [dmarc-ietf] auth-res vs. dmarc

Michael Thomas <mike@mtcc.com> Wed, 30 December 2020 15:48 UTC

To: dmarc@ietf.org
References: <9f6782b1-e85b-1a9c-9151-98feff7e18ea@mtcc.com> <CAHej_8m0OWsTt+tcSgUh+Fxu=HH_57nsb2O1Q_fgA2453ceh4g@mail.gmail.com> <140485eb-020f-4406-3f2f-e2c475ea51e5@mtcc.com> <CAHej_8mApfoF2ORgL+DoYTanrdhMjvT9H27kORwLKCQc1C9sRw@mail.gmail.com> <5588dbbe-b876-ed80-c80f-792380e3718f@mtcc.com> <CAHej_8=kW_t_JkOxUud1Uz8+PrbMh5CfwfxZK=mhe0wjW8wQpw@mail.gmail.com> <54dd9978-bcd1-6757-ad27-dcef6db6e5f7@mtcc.com> <CAHej_8kCi=7oqojDH_rbjn7kRg-PTDJWLgcKTGK9z-baUnKeMw@mail.gmail.com> <ef32de1e-d47e-1d0f-3cec-5994c7fdb7ae@mtcc.com> <CAHej_8kjSsQK_XEbdjWzV5npa29YjGadzD06Fmx3QLB4p+n_Cg@mail.gmail.com> <937f1019-a028-308d-2a0f-1e720fd49dcd@mtcc.com> <d8014c2a-c1c9-9eac-e64a-5f285bab7fd3@tana.it> <CAHej_8mgYr9ERAxmup+keZT5u8L+qgCxcSLH7Z=BEuZLouttpg@mail.gmail.com> <9c5f18c2-c5f6-4f66-a185-f684949738b5@mtcc.com> <CAHej_8mDb6MQk8y2mZZC6d4AD7Zi8xJDsbDn2=FoD+Bx-wVAkg@mail.gmail.com> <326d993e-0d92-206b-dd94-bef21ddfbaaa@mtcc.com> <CAHej_8=Gaou-Mb1vkwxABXLt7a_de03EVgPdyjZTdjR_+7DrrA@mail.gmail.com>
From: Michael Thomas <mike@mtcc.com>
Message-ID: <06474cf1-105a-b6fb-a7b5-de6f7dff761d@mtcc.com>
Date: Wed, 30 Dec 2020 07:47:57 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <CAHej_8=Gaou-Mb1vkwxABXLt7a_de03EVgPdyjZTdjR_+7DrrA@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------198B8C2BAD158792C6FE1B97"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/XkWm2PVF0J2ftgCdjxJTtuPXA4Y>
Subject: Re: [dmarc-ietf] auth-res vs. dmarc
Precedence: list

On 12/30/20 7:40 AM, Todd Herr wrote:
> I already said there is a thunderbird extension called dkim-verify 
> that does exactly that. It says "DMARC: fail". That is highly 
> misleading to the user.
>
>
> I see.
>
> I wrote "MDAs and local clients (web and mobile) at the mailbox 
> provider",  and I was referring to things such as Gmail's web client, 
> Gmail's mobile client, etc.
>
> You are talking about an extension for Thunderbird, which is different 
> from what I'm talking about.
>
> Thank you for the clarification.
>
This would be a problem for any MUA. That's the point. It's not 
different, it's the exact same problem for every MUA. There is no 
normative mechanism that gives anything downstream from the DMARC check 
producing the auth-res to be able to use that information correctly. And 
we sure don't want billions of MUA's doing DMARC checks on their own 
because of the inadequacy of auth-res. There is code in that extension 
to do exactly that. If that were widespread, it would be disastrous.

Mike

[dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Hector Santos
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Laura Atkins
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Douglas Foster
Re: [dmarc-ietf] auth-res vs. dmarc Kurt Andersen (b)
Re: [dmarc-ietf] auth-res vs. dmarc Douglas Foster
Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Dotzero
Re: [dmarc-ietf] auth-res vs. dmarc Laura Atkins
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Dotzero
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Dotzero
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
Re: [dmarc-ietf] auth-res vs. dmarc Hector Santos
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
Re: [dmarc-ietf] auth-res vs. dmarc John Levine
Re: [dmarc-ietf] auth-res vs. dmarc Murray S. Kucherawy