Re: [dmarc-ietf] Signaling MLMs
Hector Santos <hsantos@isdg.net> Tue, 18 April 2023 13:37 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D5AFC15154F for <dmarc@ietfa.amsl.com>; Tue, 18 Apr 2023 06:37:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, STOX_BOUND_090909_B=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sFJwZyDuRhyw for <dmarc@ietfa.amsl.com>; Tue, 18 Apr 2023 06:37:52 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A491C17B335 for <dmarc@ietf.org>; Tue, 18 Apr 2023 06:37:50 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=5900; t=1681825069; atps=ietf.org; atpsh=sha1; h=Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=KvezIMjea/4aSSI8lH6nFpjhz6z2bxLkwT94PrpTZmQ=; b=kOhS YV9yeU+s2h9BKLwjVneSEBD0gHu4emp1Dr3ylpdJOORpY0NRvvFHREeiv6NYTCS5 uCH0akufQ79ZVLdcCAkuoklGSOhgvcvnD4weDnc+zxJYHXkEVVPh/6VpgzQoIRlj qy4toolDicRr7nFrlqG2e6E66D7spU77txHLXlw=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for dmarc@ietf.org; Tue, 18 Apr 2023 09:37:48 -0400
Received: from [192.168.1.68] ([75.26.216.248]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 2217860035.1.6892; Tue, 18 Apr 2023 09:37:48 -0400
Message-ID: <643E9D2E.6020703@isdg.net>
Date: Tue, 18 Apr 2023 09:37:50 -0400
From: Hector Santos <hsantos@isdg.net>
Reply-To: hsantos@isdg.net
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: dmarc@ietf.org
References: <5DAE096A-B547-4569-A3C6-34ED9EC91B2D@isdg.net> <AA303EAF-76DA-4FAD-877D-C7B0143E21D3@marmot-tech.com> <643CB79E.7060309@isdg.net> <01ffe451b5f6e748cdcd295221f085e4@junc.eu> <D791743D-9E7F-4724-8181-44EF6148F5B3@isdg.net> <c19d02bdc96f8f016af430710ccb4247@junc.eu>
In-Reply-To: <c19d02bdc96f8f016af430710ccb4247@junc.eu>
Content-Type: multipart/alternative; boundary="------------070802080109040900020908"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/cJUQhYHeHVOZxCriEyYvzZdR0RM>
Subject: Re: [dmarc-ietf] Signaling MLMs
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Apr 2023 13:37:56 -0000
On 4/17/2023 6:48 PM, Benny Pedersen wrote: > Hector Santos skrev den 2023-04-17 20:55: > >> One solution is for the junc.eu domain to add an ATPS authorization >> record for ietf.org [1] to the junc.eu [2] zone: >> >> pq6xadozsi47rluiq5yohg2hy3mvjyoo._atps TXT ("v=atps01; d=ietf.org;") > > retest > >> [3] https://winserver.com/public/wcDmarc > Hi Benny, Thanks for testing!! The verification on your message showed dmarc=fail. Apparently, I couldn't completely turn off the ADSP/ATPS logic when I added the DMARC/ATPS to the wcDKIM Policy verifier. Once I re-enabled ADSP/ATPS, it worked with the expected responses by running the code on the saved original inbound message. The Author Domain policy, if any, in this case ADSP and DMARC, ares applied to each signature found. *Authentication-Results: dkim.winserver.com;** ** dkim=pass header.d=ietf.org header.s=ietf1 header.i=ietf.org;** ** adsp=none author.d=junc.eu signer.d=ietf.org;** **dmarc=pass policy=none author.d=junc.eu asl.d=ietf.org (asl signer);** ** dkim=pass header.d=ietf.org header.s=ietf1 header.i=ietf.org;** ** adsp=none author.d=junc.eu signer.d=ietf.org;** **dmarc=pass policy=none author.d=junc.eu asl.d=ietf.org (asl signer);** **dkim=fail (DKIM_BODY_HASH_MISMATCH) header.d=junc.eu header.s=default header.i=@junc.eu;** ** adsp=dkim-fail author.d=junc.eu signer.d=junc.eu;** ** dmarc=dkim-fail policy=none author.d=junc.eu signer.d=junc.eu (originating signer);* Description. The DMARC record for junc.eu was updated with two new tags: *atps=y;asl=ietf.org* No ADSP record was found. No ADSP+ATPS policy logic applied. The DMARC+ATPS verifier found the asl= signer condition to be true. If asl= was false, the atps=y tag enables an ATPS record lookup for the signer domain ietf.org. Time to update this 2011 code to allow ADSP to be disabled and the new DMARCBis new lookup algorithm considerations. Thanks for exploring this DKIM Policy Model solution with 3rd party signer support using DMARC+ATPS. -- Hector Santos, https://winserver.com/public/wcADSP https://winserver.com/public/wcDMARC
- [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Todd Herr
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs Steven M Jones
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling forwarders, not just M… John Levine
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Todd Herr
- Re: [dmarc-ietf] Signaling MLMs Barry Leiba
- Re: [dmarc-ietf] Signaling MLMs Barry Leiba
- Re: [dmarc-ietf] Signaling forwarders, not just M… Barry Leiba
- Re: [dmarc-ietf] Signaling forwarders, not just M… Mark Alley
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Dotzero
- Re: [dmarc-ietf] Signaling forwarders, not just M… John R Levine
- Re: [dmarc-ietf] Signaling forwarders, not just M… Todd Herr
- Re: [dmarc-ietf] Signaling forwarders, not just M… Barry Leiba
- Re: [dmarc-ietf] Signaling forwarders, not just M… Dotzero
- Re: [dmarc-ietf] Signaling forwarders, not just M… Barry Leiba
- Re: [dmarc-ietf] Signaling forwarders, not just M… Brotman, Alex
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling forwarders, not just M… John R Levine
- Re: [dmarc-ietf] Signaling forwarders, not just M… Hector Santos
- Re: [dmarc-ietf] Signaling forwarders, not just M… Hector Santos
- Re: [dmarc-ietf] Signaling forwarders, not just M… Hector Santos
- Re: [dmarc-ietf] Signaling MLMs John Levine
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling forwarders, not just M… Alessandro Vesely
- Re: [dmarc-ietf] Signaling forwarders, not just M… Alessandro Vesely
- Re: [dmarc-ietf] Signaling forwarders, not just M… Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Dotzero
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Jesse Thompson
- Re: [dmarc-ietf] Signaling MLMs Murray S. Kucherawy
- Re: [dmarc-ietf] Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Laura Atkins
- Re: [dmarc-ietf] Signaling MLMs Jesse Thompson
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Give up on SPF alone Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Douglas Foster
- Re: [dmarc-ietf] Signaling MLMs John Levine
- Re: [dmarc-ietf] list history, Signaling MLMs John Levine
- Re: [dmarc-ietf] list history, Signaling MLMs Jesse Thompson
- Re: [dmarc-ietf] list history, Signaling MLMs John R Levine
- Re: [dmarc-ietf] list history, Signaling MLMs Scott Kitterman
- Re: [dmarc-ietf] list history, Signaling MLMs Hector Santos
- Re: [dmarc-ietf] list history, Signaling MLMs Wei Chuang
- Re: [dmarc-ietf] Give up on SPF alone Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Neil Anuskiewicz
- Re: [dmarc-ietf] Signaling MLMs Neil Anuskiewicz
- Re: [dmarc-ietf] Signaling MLMs Neil Anuskiewicz
- Re: [dmarc-ietf] Signaling MLMs Neil Anuskiewicz
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Benny Pedersen
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Benny Pedersen
- Re: [dmarc-ietf] Signaling MLMs Benny Pedersen
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Hector Santos
- Re: [dmarc-ietf] Signaling MLMs Benny Pedersen
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely
- Re: [dmarc-ietf] Signaling MLMs Benny Pedersen
- Re: [dmarc-ietf] Signaling MLMs Alessandro Vesely