IETF Logo Mail Archive

Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result

Douglas Foster <dougfoster.emailstandards@gmail.com> Wed, 19 October 2022 02:20 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8FD15C1524B1 for <dmarc@ietfa.amsl.com>; Tue, 18 Oct 2022 19:20:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.107
X-Spam-Level:
X-Spam-Status: No, score=-7.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oRNSWc98ZsvI for <dmarc@ietfa.amsl.com>; Tue, 18 Oct 2022 19:20:29 -0700 (PDT)
Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1B592C1524A0 for <dmarc@ietf.org>; Tue, 18 Oct 2022 19:20:29 -0700 (PDT)
Received: by mail-lj1-x236.google.com with SMTP id i21so17456396ljh.12 for <dmarc@ietf.org>; Tue, 18 Oct 2022 19:20:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=6MZvE9jxFYNX33HGhKUH5cPvFHCdKpP6k8Zj3Y5DtVo=; b=QZirZcMgzJy4ngvRpyJfVoN8c2LTlaQSYe20xMO6qiu0MMxHMF3dInQ3K7KfcsUr7/ npMKwPJa/eq4FJpYfhhbtGQ1E8IBhtG1vHCbyqR/mGAOv0ns7qFJOASOBV9ux3HeP3li eMB5SQOZfHo6r3ePm/uwj8cKmQWc264/v0V4tBgZ240RHtZhtmLZBwcGGwAzqfHw3X1N Ku5YNJC+5AQLwhLgdjJerHkULLOKVBrq6j1bDlMInD/vnJXCcr4K4zHHOGx0mJ/zMlZ7 lHyDvZracNzJ0jJ0AY/4zpcZQwGSWkVpOadnxQiFqKErlQMo5GLmOxijhFX6E6kiihiB 0fOQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=6MZvE9jxFYNX33HGhKUH5cPvFHCdKpP6k8Zj3Y5DtVo=; b=y4p2PKwoXd9PPQuu+wQ7yc7/6dmubbwyRbksGG952z8pLvCz/C6kOth1+To8kGbpyh X/xbAFYzoYBjZbHWIbSdZJ2eUUyrl4rsf7VWBi8swP+l+UX+BCkEAMITLyN4aO8ADOJU 7kgT73mrLDFB02wGnzQYTqZc2ad2aC+wliwShkNEAx9JfJuZDfy8LyKQheLF5XdjsraD DLMiCGbWDTKyLNi4VoJjzIv1SBLIOWMca5/Nlc2hE40u93V3ECgT7Cd7pEZ8obcse+Fc 9ZsOpGwvCMm/kVZPuwfQUH6qWsddM51qmclKViJOCYKvVKv/8Ky5mVe+efoQKQ/1tbKJ A0iA==
X-Gm-Message-State: ACrzQf1exBcKMyZ4zqC1aEqjq3Pgn2eifVWCcyoSpik2pMig+K4rf9y5 59gThIfuGeOOrfN/BN/sKbbNb4e4rvRoHvC2SO45o7Lo
X-Google-Smtp-Source: AMsMyM4BcUE/FPkRjpZ1+yIASh6ILIpiNAn3Ay+anXomaRGsGHhHRKFxLN5mjU3vRfKWmuZMNSXMdmrhYZEF15PtWj8=
X-Received: by 2002:a05:651c:1954:b0:26f:e9d7:1650 with SMTP id bs20-20020a05651c195400b0026fe9d71650mr1929668ljb.140.1666146026223; Tue, 18 Oct 2022 19:20:26 -0700 (PDT)
MIME-Version: 1.0
References: <CAH48ZfxZOq68=P-Qxjvjk1c8PxWAWDvaBPPQcb4DWmd6cL=u4Q@mail.gmail.com> <F945F4A4-198A-4D7C-BCC9-F3B5F8FC8C26@marmot-tech.com>
In-Reply-To: <F945F4A4-198A-4D7C-BCC9-F3B5F8FC8C26@marmot-tech.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Tue, 18 Oct 2022 22:20:13 -0400
Message-ID: <CAH48ZfyK_DqjkU2RyaaSnzyteoBFw_sDwfC2V9AyG1EsHqXdWQ@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000097dc505eb59dace"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/co32n8Aq1S44vR5uLT1HrK--8s4>
Subject: Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Oct 2022 02:20:29 -0000

I cannot support a MUST statement, but I could support a MUST NOT:

"If an evaluator cannot provide results on all relevant identifiers, the
message MUST NOT be included in aggregate reports."

The apprropriate language depends on domain owner preferences:   Do they
prefer no information to partial information?  Obviously, if partial
information is not prohibited, then it needs to be flagged as incomplete so
that report processors can decide whether to user or discard it.

My original point was that it is a behavior which can be anticipated, so
the specification should address the possibility.

Doug

On Tue, Oct 18, 2022 at 6:16 PM Neil Anuskiewicz <neil@marmot-tech.com>
wrote:

>
>
> On Oct 2, 2022, at 11:01 AM, Douglas Foster <
> dougfoster.emailstandards@gmail.com> wrote:
>
> 
> In many cases, an evaluator can determine a DMARC PASS result
> without evaluating every available identifier.
>
>    - If a message has SPF PASS with acceptable alignment, the evaluator
>    has no need to evaluate any DKIM signatures to know that the message
>    produces DMARC PASS.
>
> I think it’s critical to DMARC that receivers do things like evaluate and
> report on DKIM whether or not SPF passes and is alignment. Without this, it
> would make it harder for senders to notice and remediate gaps in their
> authentication. Since there’s not a downside (that I know of), I’d say this
> should be a MUST if at all possible.
>
> Neil
>

v2.23.0 | Report a Bug | By Email