Re: [dmarc-ietf] Endless Loops with DKIM reports

Дилян Палаузов <dilyan.palauzov@aegee.org> Tue, 04 June 2019 13:19 UTC

Date: Tue, 04 Jun 2019 16:19:26 +0300
User-Agent: K-9 Mail for Android
In-Reply-To: <eed31056-7f51-ee2a-5367-8fca5f6770aa@corp.mail.ru>
References: <26D82EA6-8E39-4AED-BB9D-E2F53E7548C4@aegee.org> <adeaa778-5025-6fa2-0fe4-d10e2ea984c4@dcrocker.net> <eed31056-7f51-ee2a-5367-8fca5f6770aa@corp.mail.ru>
To: Vladimir Dubrovin <dubrovin@corp.mail.ru>
CC: IETF DMARC WG <dmarc@ietf.org>
From: Дилян Палаузов <dilyan.palauzov@aegee.org>
Message-ID: <B9299213-2E56-4126-B34A-8194D6FC170D@aegee.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/h0omjSy3_8UrAoK0FCDxHlH0yrA>

Hello Vladimir,

The point is that answers can be sent to the (DKIM) report, and receiving the answers can trigger sending a new report to the address published in DNS.

An empty return path prevents sending an answer to the report.

What to do if a site sends a report that does not validate DMARC/DKIM, then a new (reverse) report by the other host is sent and this report again does not validate DMARC/DKIM, so it triggers a new report? This is a concern of improperly configured site pairs. The targets of the recommendation to use MAIL FROM:<>/NOTIFY=NEVER are properly configured sites that deal with improperly configured sites.

Regards
Дилян

On June 4, 2019 2:48:32 PM GMT+03:00, Vladimir Dubrovin <dubrovin@corp.mail.ru> wrote:
>
>Reports are not sent to the Return-Path address; an empty return path does
>not prevent a report from being sent. Actually, a report with an empty
>envelope-from has higher chances to generate a reverse report, because
>in this case SPF is checked against HELO and, in practice, many senders
>do not have SPF configured for the HELO name and an SPF failure can trigger
>a report.
>
>04.06.2019 12:41, Dave Crocker wrote:
>> On 6/4/2019 11:27 AM, Дилян Палаузов wrote:
>>> A DKIM failure report is sent, on which a bounce is generated
>>
>> The rule for mail-handling notification messages has been that they do
>> not contain a return address, in order to avoid looping.  Shouldn't
>> that apply to DMARC reports, too?  If not, why?
>>
>> d/
>>
>
>-- 
>Vladimir Dubrovin
>@Mail.Ru
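
Added example, not part of the thread or of any participant's message: a small simulation of the two loop paths discussed above, the answer (bounce) that goes to the envelope sender and the reverse report that goes to the address published in DNS. The `Site` class, its field names and `simulate` are hypothetical, and the model is a simplification in which NOTIFY=NEVER is folded into `null_sender`.

```python
from collections import deque
from dataclasses import dataclass


@dataclass
class Site:
    name: str
    mail_authenticates: bool       # mail from this site passes DKIM/DMARC at the peer
    null_sender: bool              # reports leave with MAIL FROM:<> (and NOTIFY=NEVER)
    answers_reports: bool = False  # report mailbox bounces/auto-replies to envelope sender


def simulate(a, b, cap=20):
    """Site a sends one failure report to site b; count the traffic that follows.

    Returns (reports, answers, looped); looped is True when the cap was hit
    while more messages were still queued.
    """
    reports = answers = 0
    queue = deque([("report", a, b)])  # (kind, sender, receiver)
    while queue and reports + answers < cap:
        kind, src, dst = queue.popleft()
        if kind == "report":
            reports += 1
            # An answer goes to the envelope sender, so MAIL FROM:<> blocks it.
            if dst.answers_reports and not src.null_sender:
                queue.append(("answer", dst, src))
        else:
            answers += 1
        # A failure report goes to the address published in DNS, not to the
        # envelope sender, so a null sender does not block it.
        if not src.mail_authenticates:
            queue.append(("report", dst, src))
    return reports, answers, bool(queue)


if __name__ == "__main__":
    good = Site("good.example", True, null_sender=False)
    bad = Site("bad.example", False, null_sender=False, answers_reports=True)
    print("answer loop, non-empty return path:", simulate(good, bad))
    good.null_sender = True
    print("same pair, MAIL FROM:<>:           ", simulate(good, bad))
    x = Site("x.example", False, null_sender=True)
    y = Site("y.example", False, null_sender=True)
    print("both misconfigured, null senders:  ", simulate(x, y))
```

The first two runs show the null sender breaking the answer-driven loop for a properly configured site; the third shows that it does not stop reverse reports between two sites whose reports both fail authentication.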