IETF Logo Mail Archive

Re: [dmarc-ietf] tree walk and Org and PSD, Second WGLC for draft-ietf-dmarc-psd

"Chudow, Eric B CIV NSA DSAW (USA)" <eric.b.chudow.civ@mail.mil> Mon, 23 November 2020 14:29 UTC

Return-Path: <eric.b.chudow.civ@mail.mil>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C3BF3A0C9A for <dmarc@ietfa.amsl.com>; Mon, 23 Nov 2020 06:29:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.199
X-Spam-Level:
X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5 tests=[DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mail.mil
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 91jafKDPNSwB for <dmarc@ietfa.amsl.com>; Mon, 23 Nov 2020 06:29:19 -0800 (PST)
Received: from UCOL19PA37.eemsg.mail.mil (UCOL19PA37.eemsg.mail.mil [214.24.24.197]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 918193A0C9C for <dmarc@ietf.org>; Mon, 23 Nov 2020 06:29:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.mil; i=@mail.mil; q=dns/txt; s=EEMSG2018v1a; t=1606141759; x=1637677759; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=Y0lJ8euuyYE35xTSNl2lFsA7O+irpTYMX5hMEMPI9Ko=; b=poN3N2SipL8sD0gXqluyWKDZ8rJvTs8sn9k2CgWbc61KC+HqEfG16Zzu IVbQ4BI1RY+2g+gNG/1kpwbzP0GhT3BLiYO8YOPcgqWcF6TF+OERWPScQ Ox3H7SxphWOdObvoUgfSytjdJDtli2vTFsbvuqo5GJes4lk1FbVADwz2p m1jcOgcdjfCDXLem+FPrIFIMPFg6EcGK8UvNOqMFbia5l/6qLAOS4k18t KSmykhoBE+3gjWlnKlJCbCWNUqZpVnkVRHDBg4n/RruyVRs4LtJOqk8GQ T7fhah2gxlJc7y/G/fdKe11NOSZE+Lt4xBT6hzKvWqBX7yJCMLJLPJdjS A==;
X-EEMSG-check-017: 180259945|UCOL19PA37_ESA_OUT04.csd.disa.mil
X-IronPort-AV: E=Sophos;i="5.78,363,1599523200"; d="scan'208,217";a="180259945"
Received: from edge-mech02.mail.mil ([214.21.130.231]) by UCOL19PA37.eemsg.mail.mil with ESMTP/TLS/DHE-RSA-AES256-SHA; 23 Nov 2020 14:29:16 +0000
Received: from UMECHPAOR.easf.csd.disa.mil (214.21.130.161) by edge-mech02.mail.mil (214.21.130.231) with Microsoft SMTP Server (TLS) id 14.3.487.0; Mon, 23 Nov 2020 14:28:23 +0000
Received: from UMECHPA7D.easf.csd.disa.mil ([169.254.6.235]) by umechpaor.easf.csd.disa.mil ([214.21.130.161]) with mapi id 14.03.0487.000; Mon, 23 Nov 2020 14:28:23 +0000
From: "Chudow, Eric B CIV NSA DSAW (USA)" <eric.b.chudow.civ@mail.mil>
To: Laura Atkins <laura@wordtothewise.com>, "Murray S. Kucherawy" <superuser@gmail.com>
CC: IETF DMARC WG <dmarc@ietf.org>
Thread-Topic: [dmarc-ietf] tree walk and Org and PSD, Second WGLC for draft-ietf-dmarc-psd
Thread-Index: AQHWwZtiqQAQOpNRTkOng1A17Bshh6nVxPAngAABpOs=
Date: Mon, 23 Nov 2020 14:28:22 +0000
Message-ID: <553D43C8D961C14BB27C614AC48FC0312811FC37@UMECHPA7D.easf.csd.disa.mil>
References: <CAL0qLwYgTiHW5XXt3PTUMOiSHV0wUt_fRLyZS7D5v1ZH_WUCNg@mail.gmail.com> <20201122022346.C039627B3EF9@ary.qy> <CAL0qLwaW5kFgwZ3YH9jkkUsmSLtYdqZiULN+CDfAWdRa93JHDw@mail.gmail.com>, <9B843155-8A96-4F0B-8DF3-8F5C580AA023@wordtothewise.com>
In-Reply-To: <9B843155-8A96-4F0B-8DF3-8F5C580AA023@wordtothewise.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [214.21.97.88]
Content-Type: multipart/alternative; boundary="_000_553D43C8D961C14BB27C614AC48FC0312811FC37UMECHPA7Deasfcs_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/dx-h-lNx3VeFXOYrIg9GrBPpkUY>
Subject: Re: [dmarc-ietf] tree walk and Org and PSD, Second WGLC for draft-ietf-dmarc-psd
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Nov 2020 14:29:20 -0000

Even for .mil, the vast majority of email domains are fairly short with four or fewer labels. Most of the other ones tend to be individual servers that send automatic performance emails, and I think should be considered more of an edge case and less of our concern.



Thanks,



Eric Chudow

DoD Cybersecurity Mitigations



________________________________
From: Laura Atkins [laura@wordtothewise.com]
Sent: Monday, November 23, 2020 8:19 AM
To: Murray S. Kucherawy
Cc: IETF DMARC WG
Subject: Re: [dmarc-ietf] tree walk and Org and PSD, Second WGLC for draft-ietf-dmarc-psd



On 22 Nov 2020, at 06:06, Murray S. Kucherawy <superuser@gmail.com<mailto:superuser@gmail.com>> wrote:

On Sat, Nov 21, 2020 at 6:23 PM John Levine <johnl@taugh.com<mailto:johnl@taugh.com>> wrote:
It is my impression that most real From: domains are pretty short. I
don't think I've ever seen one more than four labels long that wasn't
deliberately contrived. Anyone got data on that?

I'd bet there are some in .gov or .mil, especially the latter, but otherwise I think the longest one I've seen is five, and that was not a host that receives mail.

I'm sure we can all scrape our own mail logs for evidence either way.

This might be a place where one (or more) of the big ESPs can help. They’re going to have billions of email addresses and know which ones have MXs. I’m happy to ask for that data if it would be of use.

laura

--
Having an Email Crisis?  We can help! 800 823-9674

Laura Atkins
Word to the Wise
laura@wordtothewise.com<mailto:laura@wordtothewise.com>
(650) 437-0741

Email Delivery Blog: https://wordtothewise.com/blog

v2.23.0 | Report a Bug | By Email