IETF Logo Mail Archive

Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal

"Murray S. Kucherawy" <superuser@gmail.com> Mon, 26 June 2023 15:55 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D429AC14F75F for <dmarc@ietfa.amsl.com>; Mon, 26 Jun 2023 08:55:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.097
X-Spam-Level:
X-Spam-Status: No, score=-7.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LVjcSRHxVEsP for <dmarc@ietfa.amsl.com>; Mon, 26 Jun 2023 08:55:41 -0700 (PDT)
Received: from mail-ej1-x62c.google.com (mail-ej1-x62c.google.com [IPv6:2a00:1450:4864:20::62c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2364BC14E513 for <dmarc@ietf.org>; Mon, 26 Jun 2023 08:55:41 -0700 (PDT)
Received: by mail-ej1-x62c.google.com with SMTP id a640c23a62f3a-98e2865e2f2so44521766b.0 for <dmarc@ietf.org>; Mon, 26 Jun 2023 08:55:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1687794939; x=1690386939; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=1iL4pehXIPHuRjoKQ5rRSaMGRnpbX/wUViblX+rqylI=; b=YZ4s0ThWovX+hqHy1Mx//3PszyWcNpbTK1uMhi8WhIrRdNLS03hFDclCaCC9zmb03U pfAPUoU72dOaFCFbx+qvZHJOiJEOoYcKN7BX8aLbQfHe40O6FhdSHW1sHAlxwj9vZaqF 5Ku4UYq7hdSycrBEsScaT2LbqfcS25m1b6Y7nS4YboBCpiCbG6QYkHBaCcItFGdIifOl aSDGYDEbc2HSggGPwSCL3Q9oYMEFpqO2wl+fVXKTqVVzDISx3wOtqPi2zq7eFqIwi0jY jZVoVnGKUaLyacnu1+l8S+P2f54DoCcVjiCQRboWDQ+nJKNfdw6U12c8uQ8DNWy9IlEz PnSA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1687794939; x=1690386939; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=1iL4pehXIPHuRjoKQ5rRSaMGRnpbX/wUViblX+rqylI=; b=EauaalTi0F3sh/lLiflxrIsCo+fIgcd6Weqc8nD+/yx8ITga5d94XJMcgSPyKjzFGM Y+dpuEOBGg/xld9dDkU4nxWK5pqeM4ylYzE0IbrGkq2nlwPdjwplccO5JKbrbBxup0vz ijxSGP11rfT8VSyB9JSDdqq0L4bLFLgVt78RosKuDcavxZG96/BrAIpQ/VEzS/g4PTBz 2L/m9rkBYb5rwT9CN7vromT+skEnkgldtBySUGr4h1PLBc5/tD8SkZqn22zTPjxsRIHq oZAnAi5EiWoPKZ2XUlIE8vtE5X5f7+aJn/9aK2c0JTPrDMVzKjdnzz7RZ2kTdEyRF7MM B4TQ==
X-Gm-Message-State: AC+VfDzcoIQqEFojRxdM1KW/D/xGTsfetBMstHbke94Rgqqamwu4c8cP puX72XIhsMJNTXa+/kejT+YzYTUp1EyZjrol0pbC7JcQ
X-Google-Smtp-Source: ACHHUZ4JwRLgKh3lrZTc9dE/Y34Q3CZqmQKtPNXKdFAaedP8e1eA/w3N+M26rUt33aka0LcsB6BX/nb2cfOxgaKj5MY=
X-Received: by 2002:a17:906:100a:b0:987:81d:9d49 with SMTP id 10-20020a170906100a00b00987081d9d49mr21218794ejm.7.1687794939367; Mon, 26 Jun 2023 08:55:39 -0700 (PDT)
MIME-Version: 1.0
References: <20230623021810.E5F8DF9B3B94@ary.qy> <6495D504.4090809@isdg.net> <839aa10b-f7fa-c7a2-76db-6441189afca2@dusatko.org> <CALaySJ+gcVvpzJcrpUbOkOvjUFAhzw=pZovpZC7BhW_x7VW7nA@mail.gmail.com>
In-Reply-To: <CALaySJ+gcVvpzJcrpUbOkOvjUFAhzw=pZovpZC7BhW_x7VW7nA@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Mon, 26 Jun 2023 08:55:26 -0700
Message-ID: <CAL0qLwasxzqJt7Hr7gZd86C=ivCrDUci_i6pkJJUTnqzL1pHMA@mail.gmail.com>
To: Barry Leiba <barryleiba@computer.org>
Cc: Jan Dušátko <jan=40dusatko.org@dmarc.ietf.org>, dmarc@ietf.org
Content-Type: multipart/alternative; boundary="000000000000d095e905ff0a6182"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Y2lcg7RrKOslx-fP_X5Au5P1GXY>
Subject: Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jun 2023 15:55:46 -0000

Just to clarify something:

On Mon, Jun 26, 2023 at 5:52 AM Barry Leiba <barryleiba@computer.org> wrote:

> I can accept some mechanism for the sender to say "SPF only", "DKIM
> only", or "either SPF or DKIM".  I cannot except a version of DMARC
> where *both* must pass.
>

I think the proposal before us is to allow the domain owner to indicate it
wants specific combination(s) of SPF and DKIM to pass in order for DMARC to
pass.  I imagine the default would be "or" which is backward compatible
with what we have today, as the charter demands.

Are you saying you don't even want "and" to be an option if it is made
configurable?  Or do you just not want the "or" to change to "and" without
the proposed new tag?

-MSK, participating

v2.23.0 | Report a Bug | By Email