Re: [dmarc-ietf] Tree Jump method - reporting targeting
Scott Kitterman <sklist@kitterman.com> Sat, 02 April 2022 23:40 UTC
From: Scott Kitterman <sklist@kitterman.com>
To: dmarc@ietf.org
Date: Sat, 02 Apr 2022 19:39:56 -0400
Message-ID: <2570416.r3p9ochTlX@zini-1880>
In-Reply-To: <CAH48ZfwJrDK9oCpiF=-4snWs_Vu=veHo7Daka1uwTD3WK8CwWA@mail.gmail.com>
References: <CAH48ZfwJrDK9oCpiF=-4snWs_Vu=veHo7Daka1uwTD3WK8CwWA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/cjRD6-zsRJQj110Rf9g5qF2jhMQ>
Subject: Re: [dmarc-ietf] Tree Jump method - reporting targeting

On Thursday, March 31, 2022 7:13:57 AM EDT Douglas Foster wrote:
> While the PSL can determine an organizational domain from any From address,
> the Tree Jump method only works if there is a single-subdomain DMARC policy
> to contain the orgname=FQDN token. This means that we would need to
> encourage domain owners to publish policies on each domain that sends mail,
> something that is not required now.
>
> But if I understand the specification correctly, every DMARC policy serves
> to partition the reporting scope, with results for subdomains sent to the
> subdomain target, and results for the organizational domain sent to the
> organizational domain target after excluding the separately-reported
> subdomain results. Domain owners may be reluctant to publish
> single-domain policies because they do not want this partitioning.
>
> Consequently, it seems desirable to have a reporting preference indicator
> for DMARC policies on subdomains: ReportTargets=(self, org, both).
> When ReportTargets=org, the rua=address could be omitted, since the rua
> destination will be taken from the organizational domain policy.
> ReportTargets=org would allow the domain owners to publish
> single-subdomain policies without altering the reporting structure, and
> without replicating a specific address in multiple policy records.

This misunderstands how RFC 7489 works. The DMARCbis approach with the tree
walk works the same as RFC 7489 in this regard. It's either the 5322.From
domain, if it has a policy, or the organizational domain if it does not and
the organizational domain does. No difference.

Scott K
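
Added example, not part of the original message: a sketch of RFC 7489 policy discovery showing which record, and therefore which rua= target, is selected for a given 5322.From domain. The suffix set, the TXT table and all function names are constructed for illustration; a real verifier would use the full Public Suffix List and live DNS.

```python
# Constructed stand-ins: a tiny public-suffix set and a fake DNS TXT zone.
PUBLIC_SUFFIXES = {"com", "co.uk"}
TXT = {
    "_dmarc.example.com": "v=DMARC1; p=reject; rua=mailto:agg@example.com",
    "_dmarc.news.example.com": "v=DMARC1; p=none; rua=mailto:news-agg@example.com",
    "_dmarc.example.co.uk": "v=DMARC1; p=quarantine",
}


def org_domain(domain):
    """RFC 7489 section 3.2: longest listed public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    # Scanning left to right, the first hit is the longest listed suffix;
    # with no hit, fall back to the PSL default rule (the last label).
    cut = next((i for i in range(len(labels))
                if ".".join(labels[i:]) in PUBLIC_SUFFIXES), len(labels) - 1)
    return ".".join(labels[cut - 1:]) if cut >= 1 else None


def parse_record(txt):
    """Split a DMARC TXT record into tags; None unless it is v=DMARC1."""
    pairs = (part.split("=", 1) for part in txt.split(";") if "=" in part)
    tags = {k.strip().lower(): v.strip() for k, v in pairs}
    return tags if tags.get("v") == "DMARC1" else None


def discover_policy(from_domain, lookup=TXT.get):
    """RFC 7489 section 6.6.3: the From domain first, then its org domain."""
    exact = from_domain.lower().rstrip(".")
    org = org_domain(exact)
    for name in dict.fromkeys(filter(None, [exact, org])):
        record = parse_record(lookup("_dmarc." + name) or "")
        if record is None:
            continue
        # sp= only applies when a subdomain falls back to the org record.
        p = record.get("p") if name == exact else record.get("sp", record.get("p"))
        # Aggregate reports go to the rua= of the record that was selected.
        rua = [u.strip() for u in record.get("rua", "").split(",") if u.strip()]
        return {"policy_domain": name, "p": p, "rua": rua}
    return None
```
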