Re: [dmarc-ietf] Rethinking DMARC for PSDs
Ken O'Driscoll <ken@wemonitoremail.com> Mon, 08 April 2019 14:28 UTC
Return-Path: <ken@wemonitoremail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2415A120416 for <dmarc@ietfa.amsl.com>; Mon, 8 Apr 2019 07:28:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=wemonitoremail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FUKyvFuHAhZP for <dmarc@ietfa.amsl.com>; Mon, 8 Apr 2019 07:27:59 -0700 (PDT)
Received: from email.wemonitoremail.com (email.wemonitoremail.com [78.47.26.204]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4577E120415 for <dmarc@ietf.org>; Mon, 8 Apr 2019 07:27:59 -0700 (PDT)
Received: from localhost [127.0.0.1]
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemonitoremail.com; s=mail; t=1554733677; bh=5Btz/7/hagYSz5fjjj3Jrso9ULoKGYzwwsHeOF3L1Nk=; h=Subject:From:To:Date:In-Reply-To:References; b=tKEAMz5dV5olYDgTZ3Wi7OdTHK7CjZzrk6nF9BKFK1cXMOVZwhosE1qshArCEUe+e dGGEIqs0tVTzxXK12bu0GCkNLYgMiL6jb5TLWHp14tE/Fc+pcHzB39dvN7zkqwfKzH VHtLcQz2fNtxodSKzoVUC/9S3jG+JBgae41WdsCE=
Message-ID: <3a4aad7d6d707f880b1e3d9a3fdabbc62e55bf32.camel@wemonitoremail.com>
From: Ken O'Driscoll <ken@wemonitoremail.com>
To: dmarc@ietf.org
Date: Mon, 08 Apr 2019 15:27:55 +0100
In-Reply-To: <e4eeecd07b4a482096e5f0eeb2cc5d45@bayviewphysicians.com>
References: <20190408005045.5EC462011B2BFE@ary.qy> <034c10b67aaf41a7809430c3c3b64c84@bayviewphysicians.com> <alpine.OSX.2.21.1904080939220.13124@ary.qy> <e4eeecd07b4a482096e5f0eeb2cc5d45@bayviewphysicians.com>
Organization: We Monitor Email
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.30.5 (3.30.5-1.fc29)
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.101.2 at email.wemonitoremail.com
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/c5OXb5G6qdWc0l9sYBUciEuclqw>
Subject: Re: [dmarc-ietf] Rethinking DMARC for PSDs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2019 14:28:08 -0000
On Mon, 2019-04-08 at 09:50 -0400, Douglas E. Foster wrote: [...snip...] > My focus is on defining a framework for discussing product capabilities, > while leaving room for vendors to add value above the minimum > configuration. That sounds more like what organisations such as Gartner are there for as opposed to the IEFT. And they do a fairly good job in framing vendor selection processes. > Demonstrating email legitimacy is essentially a protocol between sender > and receiver. IETF has only defined one half of the protocol, so why > should we be surprised that the conversation is broken. Expertise can > be assembled; the task is desperately needed. That's not exactly true. The protocols do explain how a receiver should implement them from a technical perspective. That ensures that there is no divergence between how say a SPF record is interpreted on a product by product basis. What they don't do, and what you appear to be alluding to, is proscribe how receivers should filter spam, and more specifically forged sender addresses from non-existent domains. The IETF don't make such proscriptions because a) it's off-mission and b) there is no one size fits all spam filter configuration. What works for a small office would be unsuitable for a large corporation, what works for a large corporation would be unsuitable for a hospital with a similar number of users and in turn, dealing with millions of users requires a completely different approach all together. > In the interim, I am open to recommendations for good spam filters. I > have been trying to avoid disparaging the bad ones by name in a public > forum. This list isn't the appropriate place for that discussion as it does not pertain to DMARC, despite the fact DMARC might be baked into some spam filtering solutions. Your starting point should be proper functional requirements specific to your organisation. Ken.
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Scott Kitterman
- [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs John Levine
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Jeremy Harris
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs John R Levine
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Ken O'Driscoll
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Dotzero
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Kurt Andersen (b)
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Scott Kitterman
- Re: [dmarc-ietf] Rethinking DMARC for PSDs John Levine
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Douglas E. Foster
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Scott Kitterman
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Murray S. Kucherawy
- Re: [dmarc-ietf] Rethinking DMARC for PSDs Tim Wicinski
- [dmarc-ietf] More rethinking on DMARC for PSDs Alessandro Vesely