Re: [dmarc-ietf] Recipient domain in aggregate reports (#23)

Douglas Foster <dougfoster.emailstandards@gmail.com> Mon, 03 May 2021 11:21 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B6273A03F2 for <dmarc@ietfa.amsl.com>; Mon, 3 May 2021 04:21:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mPUClnrk93kZ for <dmarc@ietfa.amsl.com>; Mon, 3 May 2021 04:21:44 -0700 (PDT)
Received: from mail-ot1-x335.google.com (mail-ot1-x335.google.com [IPv6:2607:f8b0:4864:20::335]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 726423A0489 for <dmarc@ietf.org>; Mon, 3 May 2021 04:21:44 -0700 (PDT)
Received: by mail-ot1-x335.google.com with SMTP id d3-20020a9d29030000b029027e8019067fso4691557otb.13 for <dmarc@ietf.org>; Mon, 03 May 2021 04:21:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=MrpflDE6ZcXuQv9dAuYTOdq7F3wZBceQYgP1gLc2wLw=; b=bB6SRrKvehPReYSs94P/1T+eb9TThzxRcM9jEf9xvvmHzQMZLS4dVP06MIYNkPQq4W slYMtvDpc5TVjc4xCfwoiDSWAH5mioygPAZYGY0HzaB2vcs+WrEIE7H5ToVJm4wcK+eb H03JKNsWPwb3/5f5t1EoZyqj8SnvLRHC/ttW3cakuDKMDW5TKYEm/R87wLWwAqPBIJiL l2d+GUTU5E4wzIJxg3amuLn5ovh8pd10XJKhbEfOXlOLlMZ2nstzjej714guxcYGOnfr 4ipTzSu7MUO6rEH9KGkc9YOzDDqwaREJgcF1621ZXPsg86BMmQt8OPBWfSeTgbT7+eVm fAUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=MrpflDE6ZcXuQv9dAuYTOdq7F3wZBceQYgP1gLc2wLw=; b=luRPgVVuY+7E37driM5BXznR7B/xAQpTxOZxTS4ouGGIO0FqvtnsqtQZNR75XzhDMl yINkGdrUCioUP/7RAmSKOhJbXnBqIBZEFT8GOB6GjwE5LSfCaALdIP/mSUoCage0Qv1w cD+QHjQt6FHfQ+2SVAWhSOm4LmumNHZJFDEuqh+3luYWz/E0ALZwVFC6p1RTueQfmEvJ eoxdCXixmKzEwCPRSVmbsDi1x2xvHwcQRNMMxLau4atzfNsf5veZUnJCjZaIOmMKQU3E NnM/VgDlcbIZtNbLKf3uAut/Mmeu/4v/EeQaWK0o3h3WAGNF/a2DolzkpMS9e6bt4qP6 SxTA==
X-Gm-Message-State: AOAM5300X2IcHiX9QQz0+1mDVXYK235bGa+WgXLCv3Ub/vLaE8r+I7XP mGBz7TxH63joZjG7toQVuRipjDUtZwtJyjPe/QmAlXk0
X-Google-Smtp-Source: ABdhPJyvSqHFrdiyV9JKk4CQ/3NydyVpelQlbzeBA0j7ekZikuY9nkHWsFs9BgDoLLdOiGR2C3eva/Towgi0NYD7n+U=
X-Received: by 2002:a9d:30b:: with SMTP id 11mr13838080otv.298.1620040903171; Mon, 03 May 2021 04:21:43 -0700 (PDT)
MIME-Version: 1.0
References: <20210502203007.2AE156284F0@ary.qy> <215690a6-2b04-3355-9999-816a1c3d7126@heeg.de> <70E22447-47F6-4B92-B47F-664A81107836@wordtothewise.com>
In-Reply-To: <70E22447-47F6-4B92-B47F-664A81107836@wordtothewise.com>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Mon, 3 May 2021 07:21:32 -0400
Message-ID: <CAH48Zfy0_jvDAtwQ+MrK4kk=J1iqO=6z1+ToBPiAOYeJ5qWHyg@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008e200005c16b2ab4"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/dB0dG7qZDqa3wMFG0X06w3asfE4>
Subject: Re: [dmarc-ietf] Recipient domain in aggregate reports (#23)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 May 2021 11:21:49 -0000

To address Laura's concerns about individual targeting, the reporting needs
to ensure a minimum level of aggregation on all reports.

This starts with MailFrom.   If less than N unique recipient addresses are
included, the report should not be sent at all

If a DKIM selector occurs on less than N unique recipient addresses, the
DKIM selector should be replaced with * or Null.

I do not have a strong opinion about N, but am thinking 10.

Doug Foster



On Mon, May 3, 2021 at 4:49 AM Laura Atkins <laura@wordtothewise.com> wrote:

>
>
> On 3 May 2021, at 07:27, Hans-Martin Mosner <hmm@heeg.de> wrote:
>
> Am 02.05.21 um 22:30 schrieb John Levine:
>
> It appears that Matthäus Wander <mail@wander.science> said:
>
> envelope_to allows you to automatically correlate these reports and
> reconstruct the forwarding path. This helps to identify the culprit who
> is breaking DKIM signatures, especially with longer forwarding chains.
> Without envelope_to, reconstructing the mail flow requires guessing and
> manual work.
>
> It is none of your business to whom I forward my mail.
>
>
> True, unless you (generic you, not John L.) make it my business by
> complaining about not receiving my mail either in a
> support request (which may cause quite some work) or in a public forum
> (which might damage my reputation and even cause
> more work).
>
>
> I will point out that for a lot of us online (specifically those of us who
> don’t check any or all of the the cis-het-white-male categories) forwarding
> mail and protecting our identities are crucial to our ability to actually
> participate in an online life. Stalking and harassment are real. I,
> personally, have been being low-level stalked by someone for over a decade
> now. I have been put into positions where I have to make calculated
> decisions about my ability to participate in places based on my personal
> safety. I have involved the police in the past for specific threats against
> me. The first time I was threatened and stalked online was more than 20
> years ago. This is not some ‘oh, it only happens to some people’, it
> happens to a lot of people, regularly.
>
> The threats I’ve had to deal with, just for being a woman in an online
> environment, are minor compared to some threats other women, BIPOC and
> members of other marginalized groups have had to put up with. I’ve never
> had to move out of my house for my safety. ISPs HAVE doxxed individuals in
> the past, both accidentally and through deliberate policy decisions. Adding
> personally identifiable information into DMARC reports is problematic in a
> way I don’t think many men here realize.
>
> It is not anyone’s business how I might route mail to protect my safety.
> And, frankly, the issues of data privacy and safety for people online
> significantly trump the concern that someone’s reputation might be slightly
> impacted because they can’t troubleshoot an individual mail failure.
>
> I am too often in a position of being requested to solve a problem but the
> requestors don't even provide the minimal
> logging info or even error texts to even start analyzing their problem. In
> such cases I want to be able to look at as
> much info as possible so as to provide a decent service.
>
> I don't snoop on mail logging info to satisfy my curiosity or to increase
> my revenue, but to solve my user's problems.
>
>
> This is irrelevant. How, in fact, do you protect your users safety and
> privacy? How do you ensure that the request is actually coming from your
> user and not from someone attempting to discover where they are and defeat
> personal safety measures your user has put in place to protect themselves
> from harassment and stalking? Maybe they don’t provide the minimum logging
> info or texts because they’re attempting to social engineer you into
> revealing someone’s information and identity that forms a chain that leads
> to their safety being compromised.
>
> Whether envelope_to would help my work isn't clear, but apparently it
> would help Matthäus in his work.
>
>
> But is that work necessary and relevant? Does that process protect people?
> Does it faciliate online threats, harassment and stalking? Will someone who
> is trying to hide their location due to a credible threat be harmed by this
> protocol decision?
>
> laura
>
> --
> Having an Email Crisis?  We can help! 800 823-9674
>
> Laura Atkins
> Word to the Wise
> laura@wordtothewise.com
> (650) 437-0741
>
> Email Delivery Blog: https://wordtothewise.com/blog
>
>
>
>
>
>
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>