IETF Logo Mail Archive

Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

Dotzero <dotzero@gmail.com> Thu, 24 December 2020 00:34 UTC

Return-Path: <dotzero@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 68F3D3A08B0 for <dmarc@ietfa.amsl.com>; Wed, 23 Dec 2020 16:34:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QEUthnpSyaEF for <dmarc@ietfa.amsl.com>; Wed, 23 Dec 2020 16:34:38 -0800 (PST)
Received: from mail-qt1-x835.google.com (mail-qt1-x835.google.com [IPv6:2607:f8b0:4864:20::835]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4DBCE3A0827 for <dmarc@ietf.org>; Wed, 23 Dec 2020 16:34:37 -0800 (PST)
Received: by mail-qt1-x835.google.com with SMTP id z20so618660qtq.3 for <dmarc@ietf.org>; Wed, 23 Dec 2020 16:34:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8i4SzhCTleFXhHJKoB3yH8IcR1UBf6VixSRw3VDcBPA=; b=jVDx82O/YGT9u6TNYK1+t2s8QnkTf6eoE82VExtE7RiNstZiUoc6Xy3f/6my6Azc3E KtWj+V60AZr8J9LNkHvacSERDTdQwZKow3keyHkFZzpPyKuQWfWpl3UCAoD+re5+lYVV T+2zEdw52JH9+w+hG40zvlZWB0eKDHjwjJYkd8sPDp3bYaTXOXyf5GxQu3doTTm9ZYTb ZNPO+AEggRnQZXBvIMMu5FzB6WJ1FWQ6aZfWuuoEj0kBFpHGHBZvGZUOkowEsmlS4X8Q udCkUijyN1coTfAhVxE5nJfH29ShjTuxzt9C72dTrGgdUE3BQ4xAcMMGhFNHlwOz0Ak7 vqeA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8i4SzhCTleFXhHJKoB3yH8IcR1UBf6VixSRw3VDcBPA=; b=B10KngZeNHSOYGec0vT+QmVPHLc/JAMh3ZSbs93cCUyu+eTAY+P3ruy0DJOiTJ75iS 5hpkyGRgm6dx9b8adlJSV9hQRzGWNnSxMp9KRYA3Di565vIAy9Ky8KbGQ8lTHB/d/0Yx FxcJf1D1n7i71ONAoEE3V7K1SJfYhs6Z1ODXTGTmM46vqMj9DyMLQM0gSxq8RjPqR2+w qas15Scmt8v2Pw3lG1d2Wna1Eicae5XYquQHfytb3J4ksrKVt0bg50/BHlm35CKFMtKP ZzPJhIFcVAhlGLqFspCIsrpETew28t84qLPXOaeiSh35g9z2kfdWDg0GV3qWlzXiokrC lsQw==
X-Gm-Message-State: AOAM530N2LyzzESY7C8iVykcPQO4K1cWaFsMnIV6NwnrnUTjSGb5EFng WuTlkm5yhkpyixqYJ0604U2HZu8R46T5WkuxA/M=
X-Google-Smtp-Source: ABdhPJxBeAtaGAHTQLlWs4fjJtWugeEbqL90NsoeYI3zIfY/CR+kQY0X8LonAX8z47lWPhXKz2acmBuEYOH2wKoxiKk=
X-Received: by 2002:ac8:5c05:: with SMTP id i5mr27797795qti.34.1608770076494; Wed, 23 Dec 2020 16:34:36 -0800 (PST)
MIME-Version: 1.0
References: <20201218023900.E73B82ACBB2B@ary.qy> <4a43ffaa-3987-c892-cce7-56f18888cdf5@tana.it> <39125012-e356-d62d-36fd-a7ff25a9f59f@taugh.com> <e6880ba9-f5f3-1050-25c0-658551187512@tana.it> <6bba023-d3d9-63a5-8441-11dac9a05e28@taugh.com> <74051a64-871a-db72-b5d9-1be374e23015@tana.it> <a323077-9b64-555b-3561-62cdc93819fd@taugh.com> <a8281e16-9417-5189-df73-79ea0a865fbd@tana.it> <c713b9ae-a364-1ae0-e79-55f61624aa3d@taugh.com> <3034face-b6fc-0ce2-fa1b-f59210bd6f5b@tana.it> <46339b38-3b24-bcb7-5e73-8a97038ed69@taugh.com> <3997c81d-3b30-0823-a752-fb1d60a44593@tana.it> <74a5c37-19a6-6f6f-a51d-6e5cca5b29e8@taugh.com> <CAJ4XoYdXWTgADpdL1eJuYGnpSY038vj-FW_x1f2rEp1JL0r2oA@mail.gmail.com> <01RTICXKLL3E0085YQ@mauve.mrochek.com> <c5f7413e-52c1-6710-16e5-63f59d2c24b9@taugh.com> <CAL0qLwYDeV9CmFg9qCCGPse00JV30WRiSC4orC-EitK=hiahgA@mail.gmail.com> <a79dd75-4d73-d1dc-d6b1-272de866b950@taugh.com> <CAL0qLwZXu3FxH7QGBS7PGbeDwfDTGmC=rbPEQidVV4eDJNHLUA@mail.gmail.com>
In-Reply-To: <CAL0qLwZXu3FxH7QGBS7PGbeDwfDTGmC=rbPEQidVV4eDJNHLUA@mail.gmail.com>
From: Dotzero <dotzero@gmail.com>
Date: Wed, 23 Dec 2020 19:34:26 -0500
Message-ID: <CAJ4XoYeK2cJb+easc=mqCi4ap1932LmbDdfxM1dFZKrdo2a2mw@mail.gmail.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: John R Levine <johnl@taugh.com>, IETF DMARC WG <dmarc@ietf.org>, Ned Freed <ned.freed@mrochek.com>
Content-Type: multipart/alternative; boundary="000000000000ef4e4105b72af8d5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/es-m7yZWnJKLEuHv1F4q1PDiQm8>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Dec 2020 00:34:39 -0000

On Wed, Dec 23, 2020 at 4:52 PM Murray S. Kucherawy <superuser@gmail.com>
wrote:

> On Wed, Dec 23, 2020 at 12:08 PM John R Levine <johnl@taugh.com> wrote:
>
>> > Failing that, I have another proposal to consider that might aid us in
>> > shipping a standards track DMARC sooner: Remove any and all mention of
>> > failure reports, and do all that in a later add-on document as was done
>> > with RFC 6651.
>>
>> Given how marginal failure reports have turned out to be, that doesn't
>> seem like a great use of our time.
>>
>
> Well the "Remove" part was the key to getting us unstuck if this turns out
> to be a pain point, if they are indeed marginal and seldom used.  So stick
> a "maybe" before "do".
>
> -MSK
>

Based on my experience, I disagree that failure reports are marginal and
seldom used. It's kind of like an iceberg, mostly below the surface. Seeing
as most of the action is (currently) between contracted parties, it would
be nice to hear some of the intermediaries such as Agari, ValiMail,
Dmarcian and ? chime in. Perhaps some of the large mailbox providers could
chime in on number of domains they are sending failure reports for. If
individual companies providing numbers are a problem, perhaps M3AAWG could
provide combined numbers from a number of mailbox providers/receivers.

Michael Hammer

v2.23.0 | Report a Bug | By Email