IETF Logo Mail Archive

Re: [dmarc-ietf] Search for some consensus, was: Proposed text for p=reject and indirect mail flows

Hector Santos <hsantos@isdg.net> Wed, 26 April 2023 15:25 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 900CAC15155A for <dmarc@ietfa.amsl.com>; Wed, 26 Apr 2023 08:25:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sC9N43jHP1-N for <dmarc@ietfa.amsl.com>; Wed, 26 Apr 2023 08:25:04 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A1750C14CF1E for <dmarc@ietf.org>; Wed, 26 Apr 2023 08:25:04 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=3456; t=1682522696; atps=ietf.org; atpsh=sha1; h=Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=aUhqjFPuXLFrqiaq7jx3u8myxbjmtaP2CgilXm3AT9I=; b=F+rd 8yRMTkCKPqvZ8DZE1Pq6VQM6AAh/2vuskbV+0QxCHQdoprMh8z+b62qTnaR7YfD8 /u3kTN0gEy3Yr2lt63IEz5lA1xNIlE8TzSJaO7qYAqwQW/q+TjKSMk3KlPAfXCcG ELhrr8u5/MpIni/565o9w2fgtikP/Kpbd+R8jsA=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for dmarc@ietf.org; Wed, 26 Apr 2023 11:24:56 -0400
Received: from [192.168.1.68] ([75.26.216.248]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 2915474191.1.3864; Wed, 26 Apr 2023 11:24:55 -0400
Message-ID: <6449424A.5070207@isdg.net>
Date: Wed, 26 Apr 2023 11:24:58 -0400
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: dmarc@ietf.org
References: <CALaySJ+NBg9vzqa0_t-sBf7EKXQ3A=DTyy-Vc7M-ZK9-vfJxmw@mail.gmail.com> <29216533.CRhL9lMF2B@localhost> <9aaeadee-c29a-efe8-2c43-ed6fc1b3ed0d@tana.it> <D29CB79C-AAEB-4999-92C7-D19389916D98@kitterman.com>
In-Reply-To: <D29CB79C-AAEB-4999-92C7-D19389916D98@kitterman.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/cBdlgAEyhjHFrgCKnNua7MVJocA>
Subject: Re: [dmarc-ietf] Search for some consensus, was: Proposed text for p=reject and indirect mail flows
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2023 15:25:09 -0000


On 4/26/2023 7:21 AM, Scott Kitterman wrote:
> On April 26, 2023 8:08:39 AM UTC, Alessandro Vesely<vesely@tana.it>  wrote:
>> On Tue 25/Apr/2023 20:27:18 +0200 Scott Kitterman wrote:
>>> My recollection is that a general formulation that I proposed had at least
>>> some traction out of both groups:
>>>
>>>> [some appropriate description] domains MUST NOT publish restrictive DMARC
>>>> policies due to interoperability issues
>>> Leaving aside (for now) the question of what goes into [some appropriate
>>> description] and with the assumption that there will be some non-normative
>>> discussion to amplify whatever that is and probably give some indication about
>>> what domains might do to not be one of those domains, is there anyone who just
>>> can't live with that formulation of the situation?
>> Me, for one.  Because more than 98% of domains are going to fall into the description, however we word it, that statement makes the whole I-D nonsensical.  Cannot we just tell the problem without MUSTard?
>>
>> In any case, using the complement of [some appropriate description] is certainly easier.  For example:
>>
>>     Forcing authentication into Internet mail by publishing restrictive DMARC
>>     policies breaks some well established patterns of usage.  Publishing such
>>     policies is thus RECOMMENDED only for domains [in this other appropriate
>>     description].
>>
> Thanks.
>
> I understand your objection to be that the proposed description of the interoperability problems would apply to too many domains, regardless of the modifier we might use.  Is that correct?
>
> I don't understand the technical issue associated with that objection.  I get that you feel the construction is too negative, but I don't have a sense you think it's inaccurate.  Focusing on the technical aspects of this, would you please help me understand what you think is technically incorrect about it?
>
> Scott K

Scott,

I will two to remained focus. With Barry's MUST NOT text and as you 
surmised:

    [some appropriate description] domains MUST NOT publish 
restrictive DMARC
    policies due to interoperability issues

I believe you are asking if this is technically correct ...  for IETF 
PS passage?

To me, there were a number of folks who indicated support for MUST NOT 
but preferred more details.

We will need to deal with the consequences when existing restrictive 
domains have the proverbial "book" thrown at them for their user's 
actions which creates the necessary known mitigations;  Rewrite and 
Subscription/Submission controls.  As advice to MLS/MLM 
implementators, the latter should be a natural part of the protocol 
when honoring the policy. The former is a security tear down when 
intentionally not honoring the policy.

With no deliberation as to what the interop issues are and the 
mitigation, not closing the loop holes for implementators, I see a new 
potential security issue is highlighted. The "MUST NOT due to Interop 
issues" may require a security review with a new possible Security 
Section 11.9 "Intentional DMARC Security Tear down Threats" or it may 
fall under an updated section 11.4 as a Display Name Attack.

So is it technically correct and sufficient?

I would be flabbergasted if this was IETF/IESG "technically correct" 
as a PS.  Maybe as an Informational Status, but difficult as a PS and 
I believe Barry may have suggested that.  I agree with that if left as is.


--
HLS

v2.23.0 | Report a Bug | By Email