[dmarc-ietf] Reflections on IETF 117 Conference and DMARC Meeting
Hector Santos <hsantos@isdg.net> Mon, 31 July 2023 16:47 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74869C151540 for <dmarc@ietfa.amsl.com>; Mon, 31 Jul 2023 09:47:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.108
X-Spam-Level:
X-Spam-Status: No, score=-7.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qBkeBQqX1Znz for <dmarc@ietfa.amsl.com>; Mon, 31 Jul 2023 09:47:19 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE4F0C15153D for <dmarc@ietf.org>; Mon, 31 Jul 2023 09:47:19 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=5534; t=1690822035; atps=ietf.org; atpsh=sha1; h=Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=DvaR0ILGMI564HODXVcLMueaR5e2ElSfZtr+r9PIw6M=; b=UujI aKt1PE0n6BxQq25yHkwUnaKOdNK9Ctp4y4RUYJuQQbs3mhV1v3AzEPGPWkFBiM1L +Sqf9B20tcnMhlA4bsxLXxK8rMapNnpsyIE6aJMa14xmerzDBHJ1PynGg/UmHxv+ /ylTnAzXJglSs0p3ch1LJpNhfpbqGWXsoFkKnbw=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for dmarc@ietf.org; Mon, 31 Jul 2023 12:47:15 -0400
Received: from [192.168.1.68] ([75.26.216.248]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 2624723381.888.2984; Mon, 31 Jul 2023 12:47:14 -0400
Message-ID: <64C7E593.5020408@isdg.net>
Date: Mon, 31 Jul 2023 12:47:15 -0400
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: "dmarc@ietf.org" <dmarc@ietf.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/cJE4O-4J0hRLnmCYm814XFK6dGI>
Subject: [dmarc-ietf] Reflections on IETF 117 Conference and DMARC Meeting
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Jul 2023 16:47:24 -0000
Hi, I had the privilege of attending my inaugural IETF 117 conference in San Francisco recently. The experience was enlightening, offering an opportunity to engage with many of the IETF "Mail/DNS Men." Notably, the guidance from Barry, Murray and Pete and others, was invaluable. Their insights deepened my understanding of IETF operations and working groups. I was also pleased with the effectiveness of MeetEcho for remote communication. On occasions when I couldn't attend certain meetings in person, this tool was a godsend. I strongly encourage anyone with a keen interest in IETF protocols to participate in the IETF meetings whenever possible. My visit to San Francisco coincided perfectly with the conference, as I was already in the city visiting my daughter. I found our discussions during the DMARC meeting to be highly productive. Here are my comments on the key topics that Barry highlighted, along with a summary of my input: o Concerning p=reject: - Our focus on p=reject should be expanded to include p=quarantine as they're both challenging. We should perhaps categorize these under 'Restrictive Policies'. - I'm unsure about the best way to phrase p=reject. While I have reservations about the "Standard Track" status in the draft document, I understand that this operational usage can work satisfactorily if people adhere to the advice—primarily, not using p=reject. - Following my discussion with Wei, I intend to consider integrating ARC into my mailer. This could potentially aid with indirect mail flows with SPF and provide more data from smaller operations forwarding mail to larger ARC processors, such as gmail.com. o Concerning SPF: - I concur that the SPF language should be more flexible in the DMARC authorization logic. - I agree with the introduction of an "auth=" tag, as proposed by Alessandro and refined by Levine. - I highlighted that "SPF Comes First" before DMARC or DKIM is known. It is entirely possible that an SPF restrictive policy (-ALL, Hard Fail) can preempt the payload transfer, causing a rejection before the DATA is reached. DMARCbis does acknowledge this possibility, mentioning that receivers might process SPF rejects before DMARC is known. - I mentioned using the deprecated SUBMITTER/PRA (RFC4405/RFC4407) protocols as an implementation detail to access the author's DMARC policy at the SMTP "MAIL FROM" stage. Wei expressed interest in this idea. This could also enhance the "auth=" idea to help manage local policy SPF -ALL handling. Should SMTP immediately reject? The PRA at SMTP could aid this decision for SPF -ALL policies. Based on many years of implementation, it's evident that many mailers are either identical or are using the same software that supports SUBMITTER/PRA, possibly due to ongoing support for the deprecated SenderID (RFC4406) protocol. Here is a small snippet of this morning transaction using submitter: C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<37046-60459-85371-8882-hector=winserver.com@mail.masterknife.world> BODY=8BITMIME SUBMITTER=contact@masterknife.world C: MAIL FROM:<22250-29238-140070-4080-sales=winserver.com@mail.mybuddy.email> BODY=8BITMIME SUBMITTER=SlingBag@mybuddy.email C: MAIL FROM:<22250-29237-207069-4080-sales=isdg.net@mail.mybuddy.email> BODY=8BITMIME SUBMITTER=GoBag@mybuddy.email C: MAIL FROM:<22250-29237-206580-4080-sales=heatherlsantos.com@mail.mybuddy.email> BODY=8BITMIME SUBMITTER=SlingBag@mybuddy.email C: MAIL FROM:<22250-29238-140070-4080-sales=winserver.com@mail.mybuddy.email> BODY=8BITMIME SUBMITTER=SlingBag@mybuddy.email C: MAIL FROM:<22250-29237-207069-4080-sales=isdg.net@mail.mybuddy.email> BODY=8BITMIME SUBMITTER=GoBag@mybuddy.email C: MAIL FROM:<67240-116180-380845-15028-sales=heatherlsantos.com@mail.unitedairlines.ltd> BODY=8BITMIME SUBMITTER=SolarSavings@unitedairlines.ltd C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<AZOI-S3TBIS7-alaunu96-225_LFW7YUWL02O@in.constantcontact.com> BODY=8BITMIME SUBMITTER=VOikswev@yEHX.kulturklan.com C: MAIL FROM:<22252-29237-206580-4081-sales=heatherlsantos.com@mail.exipure.live> BODY=8BITMIME SUBMITTER=DrLeoShub@exipure.live C: MAIL FROM:<22252-29238-140070-4081-sales=winserver.com@mail.exipure.live> BODY=8BITMIME SUBMITTER=bladderproblems@exipure.live C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<22252-29237-206580-4081-sales=heatherlsantos.com@mail.exipure.live> BODY=8BITMIME SUBMITTER=DrLeoShub@exipure.live C: MAIL FROM:<37046-60459-83113-8882-hsantos=santronics.com@mail.masterknife.world> BODY=8BITMIME SUBMITTER=contact@masterknife.world C: MAIL FROM:<37045-53741-2800426-8882-hillary4prez=santronics.com@mail.masterknife.world> BODY=8BITMIME SUBMITTER=contact@masterknife.world C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<37049-53741-2800426-8883-hillary4prez=santronics.com@mail.headtrimmer.social> BODY=8BITMIME SUBMITTER=contact@headtrimmer.social C: MAIL FROM:<> BODY=8BITMIME SUBMITTER=hillary4prez@santronics.com C: MAIL FROM:<37049-53741-2800426-8883-hillary4prez=santronics.com@mail.headtrimmer.social> BODY=8BITMIME SUBMITTER=contact@headtrimmer.social I'm pretty sure most these are spam. Thanks -- HLS
- [dmarc-ietf] Reflections on IETF 117 Conference a… Hector Santos
- [dmarc-ietf] Reflections on IETF 117 Conference a… Tero Kivinen
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Alessandro Vesely
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Douglas Foster
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Murray S. Kucherawy
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Alessandro Vesely
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Hector Santos
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Steven M Jones
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Barry Leiba
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Barry Leiba
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Murray S. Kucherawy
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Dotzero
- Re: [dmarc-ietf] No submitters, Reflections on IE… John Levine
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Alessandro Vesely
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Hector Santos
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Scott Kitterman
- Re: [dmarc-ietf] Reflections on IETF 117 Conferen… Murray S. Kucherawy