[dmarc-ietf] Trac #117
"Brotman, Alex" <Alex_Brotman@comcast.com> Sat, 14 August 2021 14:10 UTC
Return-Path: <Alex_Brotman@comcast.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BB8423A082B for <dmarc@ietfa.amsl.com>; Sat, 14 Aug 2021 07:10:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9ycVtCDpHyd8 for <dmarc@ietfa.amsl.com>; Sat, 14 Aug 2021 07:10:52 -0700 (PDT)
Received: from mx0b-00143702.pphosted.com (mx0b-00143702.pphosted.com [148.163.141.77]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 352533A0827 for <dmarc@ietf.org>; Sat, 14 Aug 2021 07:10:51 -0700 (PDT)
Received: from pps.filterd (m0156894.ppops.net [127.0.0.1]) by mx0b-00143702.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id 17EE71O8009811 for <dmarc@ietf.org>; Sat, 14 Aug 2021 10:10:51 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.com; h=from : to : subject : date : message-id : content-type : content-transfer-encoding : mime-version; s=20190412; bh=e7JbCRjK1JRuVMFDPBqLquZIx1e5S9csbSsk1KisGaA=; b=hYL2ZY2Tz7oNvRmBtguAgZOzHWcrGJAIDtAoTJn/Wk8Hl4um0s1555cdEO38noyBKqKS lqV0clLp/Y38QuFltSTWmljdf2lZILl15igHTfWPp2q3LxBYyhWLqsHnFwEHKdTgd0CU SZC/R0WxGIQkXUsl4sq8VBGMEdTrZKukZUbJrNV57m3BcwbOCHhwqHyBsuvYZ98moRPZ 3lF5/5856UYtKOHFXz2CMulOrtAgukdxz8KT9RKEF9tStn5l0YScsasLXFAQW/wrt+4P 1zVtpfVBzdb3Qetmi1mm9m2G556zpyudZ6Fh8wJ/vNKKABSk/RAStcuyGpi/bm3a3R4p MA==
Received: from copdcexc35.cable.comcast.com (dlppfpt-po-1p.slb.comcast.com [96.99.226.137]) by mx0b-00143702.pphosted.com with ESMTP id 3aeapsse2d-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <dmarc@ietf.org>; Sat, 14 Aug 2021 10:10:51 -0400
Received: from COPDCEXOP02.cable.comcast.com (147.191.124.157) by COPDCEXC35.cable.comcast.com (147.191.125.134) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2242.12; Sat, 14 Aug 2021 08:10:49 -0600
Received: from COPDCEXEDGE02.resource.comcast.net (76.96.35.199) by COPDCEXOP02.cable.comcast.com (147.191.124.157) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.858.15 via Frontend Transport; Sat, 14 Aug 2021 07:10:49 -0700
Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.102) by webmail.comcast.com (76.96.35.199) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.858.15; Sat, 14 Aug 2021 07:10:49 -0700
Received: from MN2PR11MB4351.namprd11.prod.outlook.com (2603:10b6:208:193::31) by MN2PR11MB4742.namprd11.prod.outlook.com (2603:10b6:208:26b::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4415.16; Sat, 14 Aug 2021 14:10:46 +0000
Received: from MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::b93b:741b:5a71:b442]) by MN2PR11MB4351.namprd11.prod.outlook.com ([fe80::b93b:741b:5a71:b442%7]) with mapi id 15.20.4415.022; Sat, 14 Aug 2021 14:10:45 +0000
From: "Brotman, Alex" <Alex_Brotman@comcast.com>
To: "dmarc@ietf.org" <dmarc@ietf.org>
Thread-Topic: Trac #117
Thread-Index: AdeRFhYfGXGL/9CvR5mEsixw3mjf0w==
Date: Sat, 14 Aug 2021 14:10:45 +0000
Message-ID: <MN2PR11MB4351120A4D96586809D3D80AF7FB9@MN2PR11MB4351.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=comcast.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 4a23e6d7-701f-486a-812a-08d95f2d4f11
x-ms-traffictypediagnostic: MN2PR11MB4742:
x-microsoft-antispam-prvs: <MN2PR11MB4742AD9C806C1666693DA72BF7FB9@MN2PR11MB4742.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 8lVbUjzYl6G99RmUOOA16lCCxm5PsURWTUoNd/vPtSsZJAzI4nLlsCxl0pzkun6u+4lkoRJTrgHqmLnNFzbKh4oZpQf4Zob97bN+r3EvzIIagLA0Av/sXBfyfeuAWUupZ1iDOEW0BvxySHxDV/BjtoksvkKI3Sp8FhXWYnEA/Iic3bcOHd/QxxGk/gEwdiNI52KGPFowMPwPqqFKnWcUj3I5o0zq5y/wDhIj1eBao5Acmo95M/ENVETNO8VFnSfggmX0Q/pYY6zduY2X3hHaRNldkMCmvXeoh8mV+ns6blbhQF4O9Pt9JE8/0nATHXFX3MBNOrYwPfrzxQUyyksYBPVJf514pdsSm13XNkHWfs/x4lIQNYvgQ/dOEMSUAsFaeR6D0ochjq4z786jnj4KEtzIXv7PHkCVUidp29F5jtRXDNZ+moZQ17tYORa9EevUJE25tuhxyUxU2LFXmmZNF4PiM9eZ9EoZoMJhwTYGLmtWoY0Mrzo3zXFMdXyS9nHQE3Vot1GeJtkYPDiO6cvxN0Yf8ZTf8rR3G2NifpMZlGulNi8fb/nnq3qAO2vCab5fMU8fzCopFED5VYeSs/wtbjczFjTS00Wj+r4qwAXFdun2cvC0P07vj5BZKJQsZlfAfic69JtUCkoK2ykI7hF8YlfuHwHZl4Bzgz/Z3D2VpXfD2dXaS0aH2muxO8ZxOGPy4QMG+uaAYRVH3iyyTChWXON3Y7wlYHzD37WcUuywcwXIm6FGMjVcJ3q8BI2/udnqzZackUDnkZwU4XZNRStOKKQLlkBV3RCn6iqcJfRcYT4=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR11MB4351.namprd11.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(39860400002)(366004)(396003)(136003)(8676002)(316002)(83380400001)(66476007)(66556008)(33656002)(86362001)(6506007)(7116003)(55016002)(966005)(186003)(66946007)(76116006)(8936002)(26005)(7696005)(2906002)(5660300002)(52536014)(6916009)(478600001)(122000001)(9686003)(38070700005)(66446008)(38100700002)(64756008)(71200400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: N1rjjAPvi96Yfi1or2vs/ljzEfjMGcvglORZFHb5bBEfLOy/+kT4FQ9byKLEaiKlWQe/kQA2kFTViZF3iS1ZPkw9RJLYZDPWFJP3vO/6bahgYr3wVxprRISm/mystaMpB9RFpLtDKgcirDR9yZ90imixldDC7xj6THMon+k+b6WX0vrG/ESksqDHlpdd9JalllI1v7vjwwzUZ0ALIElNXeYWiwOkmda38mFMMzpJZCLaqqS1lFf+x//rclk/GjSyy1IxSuRfW2PqqCka41xZKo3AVcKe043RRWev9z7mHrmsSGOHGIKXZ56BynIaYmovyviOwmKkarxdjXrJ+hulGQ1AbYd4fE7dTDY0LjHc44ovEWMTkAL3Fmes+CDzVTFhmmaZkVfbD0z3ggLV0xyp4emq0Zhdw9dTAjUdnsVBiZm1dVzlsyzWwT1lh3LezCA6G/XLHhu45C+up3sP6LBxRO5kCt2Xmfm7l4jECYhVN2A+kxUgNxsCS9yDkF+xGwX3xluhUZjt34eUGgojmy2+uc47T/soLdpVlPT1SnC40aNpGwGgkNU/p1SsRGgRduBVOD2LaGmLh0NofJfqZ9QkMXLC+OCH53kYLKnGeoKqulMl/CIpv8V2v4bR7ig2iyv+5KrImD9fLrdo7BYtiFUEiu+ZeSQLnuZYJ2+JcSPyFZIqOFYn/GzTEoJ1T/Yg+b+aviuT/ZNrBO55mDFxR3YHsV8bSHLLf8TwsfeSw4XWfBW10wOCN5FSpQnw11BuZF+fmgSrp8AdgXavWfBoJyA/4Fb/71EX2RU16dkebHwHBntVbBm4+81VdgFjb0OGartcu0mTxqlfyPTZFgs+7HDLzEdbcRfwTjTxOWJYxDvU5ogH9BISMVIGi45Xh6W5dZNE8dR49q4aRR29BxySNMSaB9EFPVlzBdWBuYGt9BEFFCmf+m49o6UUNve2QK7gwqKkyYRX1F2UAG6Nf65m2m15/fI0xPxVG/T9RCtwlejKKoK0XW+dbHRyL8ZgmHfRmjrqnoRKozroZMJhmgQDhJy7rjz/4kffJqNztl0y5ijdBscm4avwMjwVAL+zIcZ9S/4gCFGt7BcmBGw7k3hPFdxklhmRuBLNzZ0vJQX7z3QW21wAkKstugnbSnJcZdl//bOTmkRDn8RtBG/rLOPV77ZBv3g4LHe+hZdaOByKk+zN10McY3BTSkP/zYUNUqXSHHvDDej10xkbNDWylbYvF8M6zzUZbEZCAdkDC4jgXOtmzXg1ZTfXKbg5mnjFhFMJ7Xa4pOUeI/hQtCpuC1hjt4HX+aiX5FzvXB4UuYOC2giTad0=
x-ms-exchange-transport-forked: True
arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=C0nIuR1rV1azHlQN7NF9flSSa+p30aqjBd2VZ7nEOozTA2TQA2S5zSAe2a1w+s3GatuNgg1ipwhQ8OTP7MMOQ9tlmpCpECZRWv2ogZxavPcm10G63D6p8VlbhBD28jxmxJEI/5o/MehR+A/P7zEnlrMRkF0auPuBTyYFdtuSyY0Sg8cT5+ChxKFXHUlfb+rpcI/V2SLaG60XlMdoCZNOZYbRqZsVOPDMv/mk+7VIMcm/C7k6OJse+RwYGLQ7aUr1IMZrSUN+/ufsklE0zAqm9tP/3+IsGO8MTBD7PCTO4ytX+To/kXk0UPu3x+0sNqh2jGvZejuEzAC3JBExKmXXBQ==
arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mkmLb7ubPk0dSMcuSb50+ReW4SUYk0xGfRUwpbgYvSI=; b=P2m0zYLl0cRZB9nNwRgVuDV47lvxtwNvGeR2slnJeYlW3GFvA08ElXIMa+kp/FNdhAMKFY4vsh1Hqqh5GASBf9fM6pVCpne3D+m7CE/V7Mj+xra8HvRxZocGpo4ZPV4j5iTBUXk6D/CGBzK+R0zseYj0dnl89UpQBCRCPSe1DZ47SBR5L2L4KlFCOwwuvdXMBtSSCBdm4tRoTSa8H+QBcys/WcjWStFoX2oDEkuFMMgoZ4o39Yp6drTYjO4evsJ7iJnKV3b6aVc+vYLWlNumIcJiaTEU1l6knq+JXEFMRdTDp+WdvUJOFER5552Qpel+5w0yDAcTt121QFUjGxMibw==
arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=comcast.com; dmarc=pass action=none header.from=comcast.com; dkim=pass header.d=comcast.com; arc=none
x-ms-exchange-crosstenant-authas: Internal
x-ms-exchange-crosstenant-authsource: MN2PR11MB4351.namprd11.prod.outlook.com
x-ms-exchange-crosstenant-network-message-id: 4a23e6d7-701f-486a-812a-08d95f2d4f11
x-ms-exchange-crosstenant-originalarrivaltime: 14 Aug 2021 14:10:45.2351 (UTC)
x-ms-exchange-crosstenant-fromentityheader: Hosted
x-ms-exchange-crosstenant-id: 906aefe9-76a7-4f65-b82d-5ec20775d5aa
x-ms-exchange-crosstenant-mailboxtype: HOSTED
x-ms-exchange-crosstenant-userprincipalname: LU/CzGtlFAQI4r8d8qkWTxogPiB8krH2imMDQCi3/5pjzVKYi1P2oPRJVcsE6oF9iwwDDNWxOlfDBXnlVAYVRUc8gkHWsDBxwMYXIXMt2Ic=
x-ms-exchange-transport-crosstenantheadersstamped: MN2PR11MB4742
x-originatororg: comcast.com
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Forward AAETWO
X-Proofpoint-ORIG-GUID: nDAMCM0uEZXtMYb4BTdKSaLQg6KBC6OS
X-Proofpoint-GUID: nDAMCM0uEZXtMYb4BTdKSaLQg6KBC6OS
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.391, 18.0.790 definitions=2021-08-14_02:2021-08-13, 2021-08-14 signatures=0
X-Proofpoint-Spam-Reason: safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/gk1IKXj__VNainAVXpizEzxe4B8>
Subject: [dmarc-ietf] Trac #117
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Aug 2021 14:10:58 -0000
Folks,
A ticket was opened to add a "human_result" to the SPF results in the report. As DKIM has similar, I don't necessarily see an issue here. It seems like this could be useful to those attempting to resolve issues relating to failing SPF results. The ticket illustrates a few examples:
----------------------------------------------
Justification:
A free text string <human_result> allows to add a meaningful error message in case when the SPF result is permerror or temperror.
This can be used as signaling mechanism, especially when the error is not obvious or does not occur with every mail receiver (subject to how strict they interpret the SPF spec and how they handle minor errors).
Here are a couple of real-world examples (anonymized) during SPF checks that have been all subsumed as permerror:
"example.net: Maximum DNS-interactive terms limit (10) exceeded"
"example.net ... example.com: Maximum DNS-interactive terms limit (10) exceeded"
"example.net: Redundant applicable 'v=spf1' sender policies found"
"example.net: Included domain 'example.com' has no applicable sender policy"
"mail.example.net: Junk encountered in record 'v=spf1 a mx ip4:192.0.2.1 ip4:192.0.2.51 ~all|'"
"example.net: Junk encountered in record 'v=spf1 ip4:192.0.2.1 ip4:192.0.2.51 include:_spf.example.com <http://spf.example.com> ~all'"
"example.net: Missing required domain-spec in 'Include:'"
Note that there are different interpretations of how to count the number of DNS lookups:
<https://www.mail-archive.com/dmarc-discuss@dmarc.org/msg03268.html>
Examples for temperror:
"example.net: 'SERVFAIL' error on DNS 'TXT' lookup of 'example.net'"
"email.example.net: 'SERVFAIL' error on DNS 'TXT' lookup of 'email.example.net'"
"example.net: 'SERVFAIL' error on DNS 'PTR' lookup of '1.2.0.192.in-addr.arpa'"
The name <human_result> has been chosen, because it already exists for the <dkim> section.
-------------------------------------
https://trac.ietf.org/trac/dmarc/ticket/117
--
Alex Brotman
Sr. Engineer, Anti-Abuse & Messaging Policy
Comcast
- [dmarc-ietf] Trac #117 Brotman, Alex
- Re: [dmarc-ietf] Trac #117 Alessandro Vesely