Re: [dmarc-ietf] DMARC'ed reports, was Forensic report loops are a problem

Seth Blank <> Tue, 02 February 2021 02:44 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 436B33A16A4 for <>; Mon, 1 Feb 2021 18:44:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id c2qLDSXOijd1 for <>; Mon, 1 Feb 2021 18:44:38 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::92c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4FF913A16A3 for <>; Mon, 1 Feb 2021 18:44:38 -0800 (PST)
Received: by with SMTP id o31so1706725uae.2 for <>; Mon, 01 Feb 2021 18:44:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=g4ILD3zJOV2FjR0FWXwLg8BdiS5eWS4W5fmAiovyxYo=; b=Tw6FP3KAsMD5/J89C2VdfIzW5GJrenVIPE2/Knqxh1m2yfm8L6lLri9Z0vzCGFzBT3 eWqEC+t7zJjvEdCh8NfqW29mZIdKe9uzVoX26Bwjta68pzRgZ/yOD+MQwWtSiC94db3p msr+JoKgmZS5PvnPMr9mBlqwTGMTkUu3HqDeGe7vwcng5C93/cPfBI3VkPcAb4YgAq+X cxYGTd/Y71uo8Tyfvk+oW0Ev2t4FVm4f00F9+AF9YRRvxNndL2fIRxwhgcqe3zggsEHa 8L4NQp0Dfq+wmF5tmYEGmipVBOZMQrhCowz80Db2nFIPta1GLJzeN7xV9eL5drZSnqDO YJ/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=g4ILD3zJOV2FjR0FWXwLg8BdiS5eWS4W5fmAiovyxYo=; b=abKgsH/ML6b+BpvNCtonPTNqX10h1hZjtVa93xbs0a2QGE8nS/slqSBDyBh6xVLDnR nwiaMCWjETjKcJsamjYehrFDC+3rKxBEgvUZScst0l2wnt7yvPR7AO/22wfC4/pu8sP/ ecnFdrS+YqYOt+XKO3SzdJqZnRXvFkeSs0VwQppKMKJRi+amWjnTY3FqX3ZByB4vs1a1 1c642FErNgHh/b0UnKjYQXDocTQ5S1g/9qAtFW2ohflfITIF4jkqVYgjEOOdNvnxQ/z/ uqI0Dt9AvXKkergUVDMUbdxENeyXPm2yKk164QtLZmbcBI6AKxZTQ/LZIHaLdeH0IKBQ WtaA==
X-Gm-Message-State: AOAM532e/MZCQmNrAh07mnVOTE9xiIXv+6VCqlmZTDb31U5nwF/GwliD PQGW52KGDPaBD+jdI3+IF2AVI3gxvseXOEhk3r7MPA==
X-Google-Smtp-Source: ABdhPJz7s0o7bFB8bBpM4VvNTBivEHFwk1EE1nAoqf9/JrNPDtKVXTyC2WsxeLRS6OT4xu0B2TNGjSxgWo6dZcdLgdE=
X-Received: by 2002:ab0:14a9:: with SMTP id d38mr4512935uae.47.1612233877239; Mon, 01 Feb 2021 18:44:37 -0800 (PST)
MIME-Version: 1.0
References: <20210201232105.1931D6D20971@ary.qy> <> <> <> <> <> <> <> <>
In-Reply-To: <>
From: Seth Blank <>
Date: Mon, 1 Feb 2021 18:44:26 -0800
Message-ID: <>
To: Michael Thomas <>, IETF DMARC WG <>
Cc: Douglas Foster <>, Dave Crocker <>
Content-Type: multipart/alternative; boundary="0000000000008c49f705ba5173ac"
Archived-At: <>
Subject: Re: [dmarc-ietf] DMARC'ed reports, was Forensic report loops are a problem
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 02 Feb 2021 02:44:40 -0000

All-- this thread is unproductive and becoming increasingly combative.

Per our discussion on list decorum and BCP 94 warnings (

    Finally, several members of this working group seem to be very
effective at
    antagonizing each other. If a thread is spiralling, and a BCP 94
warning is
    given and not heeded, all active participants in the thread after the
    warning has been issued will be suspended, even if it’s to tell others
    respect the warning.

This is an official BCP 94 warning. Everyone please disengage from this

Seth, as Chair

On Mon, Feb 1, 2021 at 6:37 PM Michael Thomas <> wrote:

> On 2/1/21 6:31 PM, Douglas Foster wrote:
> > Michael, let it go.
> >
> > If someone stops you to say "your zipper is down", you will not ask
> > them for proof of identity, you will excuse yourself and investigate
> > the problem.   By my reckoning, DMARC reports are a lot like that.
> >
> 1. This is already part of DMARC, though it can use some work
> 2. If somebody says your zipper is down, they can clock you when you
> look down to check to steal your wallet. Do not underestimate what
> attackers can do with unauthenticated data.
> Mike
> _______________________________________________
> dmarc mailing list


*Seth Blank* | VP, Standards and New Technologies
*p:* 415.273.8818

This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.