Re: [dmarc-ietf] Do is need a new ptype? Was Re: New authentication method, DNSWL

Alessandro Vesely <vesely@tana.it> Thu, 08 August 2019 09:48 UTC

To: "Murray S. Kucherawy" <superuser@gmail.com>, Matthias Leisi <admins@dnswl.org>
Cc: IETF DMARC WG <dmarc@ietf.org>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <b32420b1-2854-d606-119b-fa2fb7e33c00@tana.it>
Date: Thu, 08 Aug 2019 11:48:32 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/_wy0bozmtMugrSI6jDLEA8Dfz3I>

On Wed 07/Aug/2019 17:14:22 +0200 Murray S. Kucherawy wrote:
> On Sat, Aug 3, 2019 at 8:28 AM Alessandro Vesely  wrote:
>>
>> IOW, dnswl=pass means the sender was whitelisted.
> 
> If that's the case, why do downstream agents need "policy.ip" at all?

To be whitelisted just means that the sender is a legitimate SMTP
server, AFAICS.  I add Matthias to the recipients list as he can be
much more precise on such criteria, at least for the whitelist he runs.

policy.ip carries more details.  In my use case, "HEURISTIC" viruses
have a significant probability of being false positives.  A downstream
filter extracts the trustworthiness from the policy.ip and makes a
decision based on that value.  Note that this filter runs after the AV
filter, after the end of DATA, while dnswl=pass can be used at HELO to
mitigate SPF forwarding issues.

Some ISPs, albeit whitelisted, either have policies so sloppy as to
tolerate infected customers, or don't spend enough energy to sanitize
them anyway.  The trustworthiness somehow reflects that quality.
Dnswl.org also reports the category, another octet of policy.ip.
Best
Ale

-- 
https://tools.ietf.org/html/draft-vesely-authmethod-dnswl
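The post-DATA filter Ale describes, as an added example that is not code from the thread or from the draft: it parses the dnswl method out of an Authentication-Results value, splits policy.ip into its category and trustworthiness octets, and only then decides whether a HEURISTIC AV hit may be tolerated. The sample header is constructed; the `dns.zone` property, the authserv-id `mx.example.org`, and the 127.0.<category>.<trust> layout of the return code (dnswl.org's published scheme) are assumptions, not taken from the message.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed Authentication-Results value (not from the thread), in the syntax of
# draft-vesely-authmethod-dnswl: the dnswl result plus the list's return code in policy.ip.
SAMPLE_AR = ('mx.example.org; dnswl=pass dns.zone=list.dnswl.org policy.ip=127.0.10.2 '
             'policy.txt="example.com; see https://dnswl.org/s?s=1234"')

@dataclass
class DnswlResult:
    authserv_id: str
    result: str               # pass, fail, none, ...
    ip: Optional[str]         # raw policy.ip value, if present
    category: Optional[int]   # assumption: dnswl.org encodes the category in octet 3
    trust: Optional[int]      # assumption: trustworthiness 0 (none) .. 3 (high) in octet 4

def decode_dnswl_ip(ip: str):
    """127.0.<category>.<trust> is dnswl.org's published return-code layout (assumed here)."""
    octets = ip.split('.')
    if len(octets) != 4 or octets[:2] != ['127', '0']:
        return None, None                  # not a dnswl.org-style code: do not guess
    return int(octets[2]), int(octets[3])

def parse_dnswl(ar_value: str) -> Optional[DnswlResult]:
    """Extract the dnswl method from one Authentication-Results field value."""
    # split on ';' only outside quoted strings (policy.txt may legitimately contain one)
    parts = [p.strip() for p in re.split(r';(?=(?:[^"]*"[^"]*")*[^"]*$)', ar_value) if p.strip()]
    authserv_id = parts[0].split()[0]      # drop an optional authres-version token
    for resinfo in parts[1:]:
        m = re.match(r'dnswl=(\w+)', resinfo)
        if not m:
            continue
        ip_m = re.search(r'policy\.ip=(\d{1,3}(?:\.\d{1,3}){3})', resinfo)
        ip = ip_m.group(1) if ip_m else None
        cat, trust = decode_dnswl_ip(ip) if ip else (None, None)
        return DnswlResult(authserv_id, m.group(1), ip, cat, trust)
    return None

def tolerate_heuristic_hit(ar_value: str, my_authserv_id: str, min_trust: int = 2) -> bool:
    """Post-DATA decision: let a HEURISTIC AV hit through only when the header is ours
    (RFC 8601 authserv-id check), dnswl=pass, and the list's trust level >= min_trust."""
    r = parse_dnswl(ar_value)
    if r is None or r.authserv_id != my_authserv_id or r.result != 'pass':
        return False
    return r.trust is not None and r.trust >= min_trust
```

The authserv-id comparison matters because a downstream agent must only trust Authentication-Results fields added by its own border MTA; a foreign field with dnswl=pass carries no weight.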