Re: [dmarc-ietf] non-mailing list use case for differing header domains

Autumn Tyr-Salvia <atyrsalvia@agari.com> Tue, 28 July 2020 21:11 UTC

From: Autumn Tyr-Salvia <atyrsalvia@agari.com>
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>, John R Levine <johnl@taugh.com>
CC: IETF DMARC WG <dmarc@ietf.org>
Date: Tue, 28 Jul 2020 21:11:12 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/Si8kOArcdTs67UHLQG-zkRpw0Ec>

To Todd's point, I think the answer on which policy would be applied at least needs to be predictable. If one receiver chooses one policy and a different receiver chooses the other policy, that is going to make it significantly more complicated for complex organizations to implement a DMARC p=reject or even p=quarantine policy.


Thanks,

Autumn Tyr-Salvia
atyrsalvia@agari.com
Agari Principal Customer Success Engineer


________________________________
From: dmarc <dmarc-bounces@ietf.org> on behalf of Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>
Sent: Tuesday, July 28, 2020 1:58 PM
To: John R Levine <johnl@taugh.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] non-mailing list use case for differing header domains



On Tue, Jul 28, 2020 at 4:30 PM John R Levine <johnl@taugh.com> wrote:
On Tue, 28 Jul 2020, Todd Herr wrote:
> Using the Sender header and the "snd" bits in the DMARC policy for
> firstbrand.com, DMARC would pass for the Sender domain and fail for the
> From domain.
>
> Which verdict gets applied to the message?

I believe the reasonable answer is both, and the filtering engine
evaluates both based on their reputations.


Two responses, two different but equally valid answers, the other (Dave's) being "receiver discretion", which *could* be an umbrella term to include John's answer, but would certainly also include other applications of rules for this scenario.

Note that I'm not at all opposed to the idea put forth in https://datatracker.ietf.org/doc/draft-crocker-dmarc-sender/ but I do believe that there will have to evolve a very limited set of known and expected possibilities for how such messages will be handled, or else wails will be wailed, teeth will be gnashed, and garments will be rent, especially among those trying to do the right thing when sending email and the deliverability people they employ.

--

Todd Herr | Sr. Technical Program Manager
e: todd.herr@valimail.com
p: 703.220.4153
