IETF Logo Mail Archive

Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports

John R Levine <johnl@taugh.com> Tue, 22 December 2020 16:39 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 10F103A1167 for <dmarc@ietfa.amsl.com>; Tue, 22 Dec 2020 08:39:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=WC5Hr9lJ; dkim=pass (2048-bit key) header.d=taugh.com header.b=cAuXY0E6
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jWEFVypariBx for <dmarc@ietfa.amsl.com>; Tue, 22 Dec 2020 08:39:12 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE2083A1166 for <dmarc@ietf.org>; Tue, 22 Dec 2020 08:39:11 -0800 (PST)
Received: (qmail 14453 invoked from network); 22 Dec 2020 16:39:10 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=3872.5fe2212e.k2012; i=johnl-iecc.com@submit.iecc.com; bh=LZ5abR+XRwrST2izVO7dF7P1Rj3BWXfG9i4HNPmrv3k=; b=WC5Hr9lJHJAerfrIsEqHFDPkT/LV2WIzN52dtVvlaet7br9HtzRPjNcxDbdS6LXrKDi7uaq2BThaV3YP2u/0A4TjOOE2LSt63zxqa2AVdyT/WUS7RurFJGw42gYwGmiY71UvbKrIkTREZBY/7HQ6no8vqUMtVfH81L1ofPrypNPJhPs6BDHxmdnJMnF0S0x6lW7W4RDNqiPaq/JGi4X3wZ1ua7kRg0HsX8792zWqMev3SmTAwWqIK06gcyY8bVW+kNMB9rNfK064keI6xBQAt1o5zQ783M8VJt5wEiqaSPwi1jtU9o10u53vV3lP7Qr8/jghw5uVu6vwDVlB4eJd1Q==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=3872.5fe2212e.k2012; olt=johnl-iecc.com@submit.iecc.com; bh=LZ5abR+XRwrST2izVO7dF7P1Rj3BWXfG9i4HNPmrv3k=; b=cAuXY0E6OHn2LLzWB52MZq5L7j7OYuH5OE0PIUVBSkEBcVeB1yqEM1MGFi0vc8zwGG5bZry75R4x4WnciLEYcjHVkISRSLsJZkWHjYprMw3WRAyHdt8I2PRVV/plHjhgjC7OPQDk/UAbbjCKAVkZa0Qe28Lyb0ilSSmv21OoyQxgFE1jZz28Q3S7Vzyq+9J4YUt2PTz1r9BLeFqiYEkgJQ/f1oHC+7Px6UgKfft6GAivoiOK370q5YrfUHpKZp0IWBqu4DmE9K+W7UzdEOrRnclKK0kEXXewqpusFX1KVQwYaj6KyuJgp7CUbzLxqv8tN81DQtfRAXHaV5j8m79d/w==
Received: from localhost ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPSA (TLS1.3 ECDHE-RSA AES-256-GCM AEAD, johnl@iecc.com) via TCP6; 22 Dec 2020 16:39:09 -0000
Date: Tue, 22 Dec 2020 11:39:09 -0500
Message-ID: <74a5c37-19a6-6f6f-a51d-6e5cca5b29e8@taugh.com>
From: John R Levine <johnl@taugh.com>
To: Alessandro Vesely <vesely@tana.it>, dmarc@ietf.org
In-Reply-To: <3997c81d-3b30-0823-a752-fb1d60a44593@tana.it>
References: <20201218023900.E73B82ACBB2B@ary.qy> <4a43ffaa-3987-c892-cce7-56f18888cdf5@tana.it> <39125012-e356-d62d-36fd-a7ff25a9f59f@taugh.com> <e6880ba9-f5f3-1050-25c0-658551187512@tana.it> <6bba023-d3d9-63a5-8441-11dac9a05e28@taugh.com> <74051a64-871a-db72-b5d9-1be374e23015@tana.it> <a323077-9b64-555b-3561-62cdc93819fd@taugh.com> <a8281e16-9417-5189-df73-79ea0a865fbd@tana.it> <c713b9ae-a364-1ae0-e79-55f61624aa3d@taugh.com> <3034face-b6fc-0ce2-fa1b-f59210bd6f5b@tana.it> <46339b38-3b24-bcb7-5e73-8a97038ed69@taugh.com> <3997c81d-3b30-0823-a752-fb1d60a44593@tana.it>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/gL07RxdDCVk4EVMP3adHQQd9G_w>
Subject: Re: [dmarc-ietf] Ticket #55 - Clarify legal and privacy implications of failure reports
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Dec 2020 16:39:14 -0000

I think that text is way too long and overspecific but we've already spent 
too much time on this so I'll stop and see if there are other opinions.


On Tue, 22 Dec 2020, Alessandro Vesely wrote:
> OLD
>
>   "Failure reports," or "failed message reports," provide diagnostic
>   information about messages that a Mail Receiver has determined do not
>   pass the DMARC mechanism.  These reports are generally sent at the
>   time such messages are received and evaluated, to provide the Domain
>   Owner with timely notification that such failures are occurring, and
>   to provide information that may assist in diagnosing the cause of the
>   failures.
>
>
> NEW
>
>   Failure reports provide detailed information about the failure of a single
>   message or a group of similar messages failing for the same reason.  They
>   are meant to aid extreme cases where a domain owner is unable to detect > why
>   failures reported in aggregate form did occur.  As an extension of other
>   kinds of failure notifications, these reports can contain either the > content
>   of a failed message or just its header.  The latter characteristic entails
>   severe privacy concerns.  For that reason, and because it turned out not > to
>   be important, failure reporting is usually disabled.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly

v2.23.0 | Report a Bug | By Email