IETF Logo Mail Archive

Re: [dmarc-ietf] Ticket #39 - remove p=quarantine

"Murray S. Kucherawy" <superuser@gmail.com> Wed, 02 December 2020 19:08 UTC

Return-Path: <superuser@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A312A3A155E for <dmarc@ietfa.amsl.com>; Wed, 2 Dec 2020 11:08:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.089
X-Spam-Level:
X-Spam-Status: No, score=-2.089 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4hiQ78PSb4DA for <dmarc@ietfa.amsl.com>; Wed, 2 Dec 2020 11:08:25 -0800 (PST)
Received: from mail-ua1-x92c.google.com (mail-ua1-x92c.google.com [IPv6:2607:f8b0:4864:20::92c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A19723A1570 for <dmarc@ietf.org>; Wed, 2 Dec 2020 11:08:25 -0800 (PST)
Received: by mail-ua1-x92c.google.com with SMTP id y21so549448uag.2 for <dmarc@ietf.org>; Wed, 02 Dec 2020 11:08:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=DRKjKSYcoklqhGd8GolCez4vv3Udzssysfvz+eF91BY=; b=VmKhVi9o/DEks2PaRz6Hgl64wYdn0SRIiaW/dECMvpzu1gkb5mTbk2zBsnzVhxmqX7 3u0LtUMYwN7103HhGOWT2g2SofIbnzAIPIYFwBe745veSbAXxOtCzlQrZmCFuemzmXXH 1gj1zo4FjxVGUn4LMM/zM2rK/p7SxNRGfBumPfT/D+bmuFCFNJUijPl67WonY1U6HfMI 9c2UY1fT1+XH5fmNgs6qIt09/YO7cT4cXS0jJRyDkOBxyXGo6CELcAK90/GC59wE9V5/ fBC+Ip/ETyD23jabqd1WxXe2lXG9mVpu/9egvmyvUTutUTcNnRNGDRfQ+UH169JxD17W RabA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=DRKjKSYcoklqhGd8GolCez4vv3Udzssysfvz+eF91BY=; b=DzigZTqmsb8oviNql88QIX+nIoC8NITCrb26gMsm3yTxOqZqfV5YrxtC56kMzAeo6g 50MYsXQPqM2Y/FjWcVOMobRwKx8X2dhcDII+bzYBAC4AvkIhEf2ZuXuelILE5qd698xq zDoYek14YyE31WZt0vUXlzS+bUonSWdfOguJls5dTccmVAR7vQq/1wPDsKdzPpxy+cCd ZuU2YsT+Rp0cYylezVtSr8omSjRx0K6iQwzT81Lwsu3mB2xU/sxCqen9n9LppWYxWQNT /c+gfdKyvIbfsoIf8stsGe60q8fMxiciX/s1vHcSpLRszmrjrrk/UpOhvKJcp+Im+SK3 khng==
X-Gm-Message-State: AOAM533emRFPVNJqGpTWA3u4G/X63ueihR1AF+DbbaKHSJmQE7lFPF5L TCvtgfzFEXCm5hVXJr5LAYZ3QMK90R2hnWJXlTw=
X-Google-Smtp-Source: ABdhPJz/0OUCpLg+2oNmpkKEVUcZlCeGyKAUtXTie8J91tt5PMepF+C8x/heDcs861lQXwiw85sWL2Uxl+rvYNN44Vc=
X-Received: by 2002:ab0:36a7:: with SMTP id v7mr3102990uat.67.1606936104577; Wed, 02 Dec 2020 11:08:24 -0800 (PST)
MIME-Version: 1.0
References: <20201202021651.E8EE128C576A@ary.qy> <327860af-2fa7-63ee-4b89-6e7e383f3d53@crash.com> <2804da89-84d1-f601-9425-0b0d9baf6ae1@gmail.com> <1f6cae74-4eed-47f5-7249-e526bf1f5845@crash.com> <df11af30-2c27-0d69-97ba-bc058116c044@gmail.com> <87y2ig9t9i.fsf@orion.amorsen.dk> <CAJ4XoYeZXKKZpvtT2FcYouSsNur7=6d0PqSRnErVPQw6zCMW_A@mail.gmail.com>
In-Reply-To: <CAJ4XoYeZXKKZpvtT2FcYouSsNur7=6d0PqSRnErVPQw6zCMW_A@mail.gmail.com>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Wed, 02 Dec 2020 11:08:13 -0800
Message-ID: <CAL0qLwb=Vo63Q74r8N31STxbE2YN4+TMq_=yjr+cdMEJQ0m6Mg@mail.gmail.com>
To: Dotzero <dotzero@gmail.com>
Cc: Benny Lyne Amorsen <benny+usenet@amorsen.dk>, IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b0b14605b57ff77a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/_00jhQAQAxGFOhkeXjzS2xqFxFQ>
Subject: Re: [dmarc-ietf] Ticket #39 - remove p=quarantine
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 19:08:38 -0000

On Wed, Dec 2, 2020 at 6:47 AM Dotzero <dotzero@gmail.com> wrote:

> p= DID NOT mistakenly choose to use the language of receiver actions. p=
> represents the domain-owner request to the receiver as to the disposition
> of messages which fail to validate. Any reading of "concern" is supposition
> on the part of yourself or other self appointed interpreters of the mind of
> the domain-owner or administrator. The vocabulary is perfectly fine as it
> accurately describes the request being made. It makes no attempt to read
> the underlying reasoning behind the request because, surprisingly, there is
> likely to be a wide range of underlying reasoning behind why various
> domains publish the policies they publish. This is an interoperability
> standard, not a seance.
>

Not sure I agree.

I have long held a quiet dislike for "quarantine" because that has a
particular meaning to milter implementations.  Specifically, milter can
render one of several final results about a message, one of which is
actually called "quarantine".  It means "park this in the queue
indefinitely until a human decides what to do with it."  There's no
indication to the operator that such a job is waiting for review unless one
goes and looks for such things.  The upshot of this is that quarantining in
that environment can become a denial of service attack if I send you enough
messages that end up getting handled that way and your queue disk fills, or
the queue takes an inordinately long time to process because these have
piled up and need to be inspected.

Certainly not all implementers will trip on this (maybe none will) but it's
an argument to me in favor of picking a word or set of words that describe
what the domain owner thinks of the message, rather than what the domain
owner thinks you should do with it.

-MSK (hatless)

v2.23.0 | Report a Bug | By Email