Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal
Hector Santos <hsantos@isdg.net> Tue, 27 June 2023 19:22 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CBEEC1516FF for <dmarc@ietfa.amsl.com>; Tue, 27 Jun 2023 12:22:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b="BqjSYOLX"; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b="HoUp1s9F"
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fsja5Xafbe5D for <dmarc@ietfa.amsl.com>; Tue, 27 Jun 2023 12:22:15 -0700 (PDT)
Received: from mail.winserver.com (mail.winserver.com [3.137.120.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44596C1516F3 for <dmarc@ietf.org>; Tue, 27 Jun 2023 12:22:15 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha256; c=simple/relaxed; l=16926; t=1687893728; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:From:Subject:Date: Message-Id:To:Organization:List-ID; bh=ZeypGooPC456yna3T66uu1/mE LxtK5FwMZOSmX7a0As=; b=BqjSYOLXRm3Dv6RvgBpF1HEXdlNUfhn0/Dx2lN2Cn KwjMYDHqHGeZ977nmpL7/83EdXIiAZ5phNxkKJQHduOD8zGGHn3ozCHNs52qAlE8 XsgKXLHNCGPGgDhvvYEKVf816AMX6NDa02Mp9k+gdeqaCfbnx150nQGwH6n5Q+Gm Ys=
Received: by winserver.com (Wildcat! SMTP Router v8.0.454.13) for dmarc@ietf.org; Tue, 27 Jun 2023 15:22:08 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=none author.d=isdg.net signer.d=beta.winserver.com; dmarc=pass policy=reject author.d=isdg.net signer.d=beta.winserver.com (atps signer);
Received: from beta.winserver.com ([3.132.92.116]) by winserver.com (Wildcat! SMTP v8.0.454.13) with ESMTP id 3991440130.1.6260; Tue, 27 Jun 2023 15:22:08 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=16926; t=1687893727; h=Received:Received: From:Subject:Date:Message-Id:To:Organization:List-ID; bh=ZeypGoo PC456yna3T66uu1/mELxtK5FwMZOSmX7a0As=; b=HoUp1s9FLU3z1FdsgZIkW6r VnjbgKA+LqKz6gml6chDQu8JNt3RQAtJlEgJbs9l7bmcD5iy844yYUA0dWiv8Izf jYA+8YXoN7N9TPjWKQbzKk9Wo/ufqi1VHpKd95bNq12aL9EYkUDPCtjrYzbBnh43 w1eYAMr/Av4tA3DD+KIQ=
Received: by beta.winserver.com (Wildcat! SMTP Router v8.0.454.12) for dmarc@ietf.org; Tue, 27 Jun 2023 15:22:07 -0400
Received: from smtpclient.apple ([99.122.210.89]) by beta.winserver.com (Wildcat! SMTP v8.0.454.12) with ESMTP id 142528974.1.18124; Tue, 27 Jun 2023 15:22:06 -0400
From: Hector Santos <hsantos@isdg.net>
Content-Type: multipart/alternative; boundary="Apple-Mail=_C4E074D7-69B5-470F-93D3-454347687F50"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.400.51.1.1\))
Date: Tue, 27 Jun 2023 15:21:55 -0400
In-Reply-To: <CAH48ZfwB-U_c=8KFcvSpSp-oXo4esy=x=cSgrWE6k4aF2hfFog@mail.gmail.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
References: <20230623021810.E5F8DF9B3B94@ary.qy> <6495D504.4090809@isdg.net> <839aa10b-f7fa-c7a2-76db-6441189afca2@dusatko.org> <CALaySJ+gcVvpzJcrpUbOkOvjUFAhzw=pZovpZC7BhW_x7VW7nA@mail.gmail.com> <CAL0qLwasxzqJt7Hr7gZd86C=ivCrDUci_i6pkJJUTnqzL1pHMA@mail.gmail.com> <CALaySJ+gjR6D-OSE_07iSH2zXa7wypUQwPN1cL-1s+NC2S4L8g@mail.gmail.com> <99e1ef2d-053b-8cfe-f369-fa8475d142ae@tana.it> <CAH48ZfwB-U_c=8KFcvSpSp-oXo4esy=x=cSgrWE6k4aF2hfFog@mail.gmail.com>
Message-Id: <DAB1D8D3-15DB-4362-B64A-99F0883C331A@isdg.net>
X-Mailer: Apple Mail (2.3731.400.51.1.1)
X-Comment: Missing recipient address appended by wcSMTP router.
To: dmarc@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/h9D4uYk3fCwnlfrybqc1wnco3eE>
Subject: Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Dependency Removal
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jun 2023 19:22:20 -0000
Doug, this is Wildcat! SMTP - one of the oldest SMPT packages around. Summary here: Without some signal at wcSMTP about DMARC, SPF will most likely remain a hard rejection at WCSAP/SMTP (at RCPT state) before DMARC at DATA Background: Since 2003, out of the box, Wildcat! SMTP with add-on tools, wcSAP and wcDKIM, the mail flow is: (Note: for the record, email is a small part of winserver.com, but a supportive part for many customer operations) At SMTP, starting with remote client connection: 1) If Enabled, Check for DNS-RBL IP check, respond at step 8 in order to collect envelope data. 2.0) Check for smtpfilter-connect.wcx script, run it if found 2.1) Check for Geo-Location IP Blocks, very unethical practice. 3) HELO/EHLO: Check EHLO/HELO on technical merit like IP Literal matching Connect IP (CIP) 4) MAIL FROM: Check for Local domain MAIL FROM spoof 5) MAIL FROM: Accept 250 pending RCPT validation 6) RCPT TO: not valid 550 7) RCPT TO: Valid starts WCSAP.WCX (p-code) Wait for Response. At WCSAP (Wildcat! Sender Authorization Protocol): 8) WCSAP: Record if DNS-RBL IP blocked at 1, exit response 55z 9) WCSAP: Run sysop-defined text-based simple White/Block Accept/Reject If rules 10) WCSAP: Run SPF. Failure return 55z or 45z 11) WCSAP: Run CBV, Failure return 55z or 45z 12) WCSAP: return 250 Back to WCSMTP RCPT state 8) RCPT response provided, reject 55z/45z or 250 continue, Receiver-SPF header prepended. 9) DATA is transferred, Received: trace line prepended. 10 Before DATA response, run stack of SMTP mail filters written in-house or 3rd party: At SMTPFILTER-xxxxxxx.wcx, specifically SMTPFILTER-DKIM-VERIFY.WCX 11) Check for ADSP + ATPS 12) Check For DMARC + ATPS 13) Record Authentication-Results 14) DMARC Rejection Failures are DISABLED. Auth-Res Prepended. 15) Return any 55z, 45z or 250 based on SMTPFILTER-xxxx,wcx filters. Back to DATA, 16) DATA response is provided. 17) 250 mail is accepted, router signaled for MDA import or MTA forwarding. 18) Wait 30 seconds for client new transaction command, QUIT and/or DROP Pretty much it. We have too much invested in our integrated Wildcat! Internet Net Server mail platform — one of the oldest platforms since the 80s. My long time customers, sysops, sysadms, love the flexibility and p-code and low code programmability for operators and 3rd party developers! I have provided the DMARC option to the SMTPFILTER-DKIM-VERIFY.WCX to return 55z response for DMARC p=reject but it is compiler disabled. However, anyone can write a new mail filter script to run at DATA for DMARC, but it has yet to happen. Not surprise there. If we don’t provide it, I don’t expect them to do it. In WCSAP, the SPF handling of the result can be set to not reply with 55z for a SPF hard failure. This will allow SMTPFILTER-DKIM-VERIFY.WCX to see a SPF=fail Received-SPF header. But at the moment, out of the box, DMARC will never see a SPF reject. From an innocent IETF implementor, my integration enhancement for DMARC might be: With SUBMITTER enabled, you will MOST DEFINITELY see this from supportive clients: C: MAIL FROM:<return-path> SUBMITTER=pra where pra is Purported Responsible Address, normally 5322.From, Low volume or not, you will see it. I plan to use the PRA to get DMARC information. First I will assume the signer is aligned so the next check is for return-path alignment. Second, if auth=dkim tag exist, I could offer an option to relax SPF in both WCSAP.WCX and SMTPFILTER-DKIM-VERIFY.WCX. Without some signal at wcSMTP about DMARC, SPF will most likely remain a hard rejection at WCSAP/SMTP (at RCPT state) before DMARC at DATA. — HLS > On Jun 27, 2023, at 7:58 AM, Douglas Foster <dougfoster.emailstandards@gmail.com <mailto:dougfoster.emailstandards@gmail.com>> wrote: > > Ale, here is an attempt at a formal model. Application to the current question is at the very end. > > Any test (DKIM, SPF, ARC) has these result possibilities: > Pass > No data or uncertain result > Fail > > The test results are imperfect, so we have to consider these probabilities > > Probability that PASS is a correct result > Probability that a false PASS will be whitelisted or not blocked in content filtering > Net result that a false PASS is delivered to the user > > Probability that a NoData / Uncertain result is correct (presumed 100%). > Probability that an Uncertain message is wanted or unwanted. > Probability that an unwanted message is or is not blocked by content filtering > Net probability that an unauthenticated and unwanted message is delivered to the user > > Probability that FAIL is a correct result > Probability that a FAIL result is blocked by local policy (presumed 100%) > Probability that a false FAIL is actually wanted > Net probability that false FAIL blocks a wanted message > > My strategy is documented in my "Best Practices" draft submission. To summarize my experience: > - The frequency of a true PASS is high, so the probability of a false PASS is low > - The probability of a false PASS being detected by content filtering is pretty good. > - The frequency of a true FAIL is low, so the probability of a false FAIL is high. > - Uncertain messages have a high percentage of unwanted messages, but also a non-trivial volume of wanted messages. > > My conclusions: > FAIL messages should be submitted to content filtering to collect more data > Blocking on FAIL alone, despite content filtering PASS, has always caused me more harm than good. > Treating UNCERTAIN as equivalent to PASS is harmful. Uncertain messages can be as unwanted as FAIL. > FAIL and UNCERTAIN messages need to be reviewed and confirmed. When confirmed, the message is allowed or blocked based on local policies which are informed but not controlled by the sender's published policies. > Quarantine on FAIL or UNCERTAIN is superior to Block, because it allows for ambiguity to be removed and policy rules to be updated > When FAIL and UNCERTAIN volumes are too high, an arbitrary disposition can be applied immediately, but statistical sampling should be used to review the disposition decision after the fact, so that local policies can be updated. > Application to the current AUTH proposal: > I expect SPF AND DKIM will cause sender policies to be less believable, because a high rate of FAIL will occur on wanted messages, so I expect to treat SPF AND DKIM as SPF OR DKIM by local policy. > I trust DKIM more than SPF so I see no reason to honor SPF ONLY. I will continue to apply SPF OR DKIM . > I see the advantages of DKIM ONLY and will honor that policy when it is detected. > Doug Foster >
- [dmarc-ietf] DMARC2 & SPF Dependency Removal Tobias Herkula
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Seth Blank
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Seth Blank
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Seth Blank
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tobias Herkula
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Seth Blank
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tobias Herkula
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Benny Pedersen
- Re: [dmarc-ietf] version bump to DMARC2 John Levine
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Dotzero
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Dotzero
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Douglas Foster
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Brotman, Alex
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] version bump to DMARC2 Emil Gustafsson
- Re: [dmarc-ietf] version bump to DMARC2 Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] Errors in the tree walk, was ver… Alessandro Vesely
- [dmarc-ietf] Version bump: was DMARC2 & SPF Depen… Scott Kitterman
- Re: [dmarc-ietf] Version bump: was DMARC2 & SPF D… Tim Wicinski
- Re: [dmarc-ietf] Version bump: was DMARC2 & SPF D… Scott Kitterman
- Re: [dmarc-ietf] Version bump: was DMARC2 & SPF D… Tim Wicinski
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Jesse Thompson
- Re: [dmarc-ietf] PSD flag vs Version bump John Levine
- Re: [dmarc-ietf] PSD flag vs Version bump Barry Leiba
- Re: [dmarc-ietf] PSD flag vs Version bump John R Levine
- Re: [dmarc-ietf] PSD flag vs Version bump Scott Kitterman
- Re: [dmarc-ietf] PSD flag vs Version bump Richard Clayton
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Richard Clayton
- Re: [dmarc-ietf] Version bump: was DMARC2 & SPF D… Alessandro Vesely
- Re: [dmarc-ietf] PSD flag vs Version bump Alessandro Vesely
- Re: [dmarc-ietf] PSD flag vs Version bump Barry Leiba
- Re: [dmarc-ietf] version bump to DMARC2 Emil Gustafsson
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Jim Fenton
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tero Kivinen
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Douglas Foster
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Seth Blank
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Richard Clayton
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tero Kivinen
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tero Kivinen
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tero Kivinen
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Sebastiaan de Vos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Douglas Foster
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Sebastiaan de Vos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Michael Kliewe
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Jan Dušátko
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Douglas Foster
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Ken Simpson
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Murray S. Kucherawy
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal John Levine
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Hector Santos
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Douglas Foster
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Jan Dušátko
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Ken Simpson
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Barry Leiba
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Patrick Ben Koetter
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John R Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Benny Pedersen
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Wei Chuang
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal David Verdin
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Alessandro Vesely
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Tobias Herkula
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Douglas Foster
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Scott Kitterman
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Todd Herr
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal John Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Todd Herr
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Sebastiaan de Vos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Sebastiaan de Vos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Todd Herr
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Sebastiaan de Vos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Scott Kitterman
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Murray S. Kucherawy
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Dotzero
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Ken Simpson
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Emil Gustafsson
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Emanuel Schorsch
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John R Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Emanuel Schorsch
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John R Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Emanuel Schorsch
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John R Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Jan Dušátko
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Florian.Kunkel
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Scott Kitterman
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Jan Dušátko
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Murray S. Kucherawy
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Tobias Herkula
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Scott Kitterman
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Emanuel Schorsch
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Murray S. Kucherawy
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Douglas Foster
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Murray S. Kucherawy
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… John Levine
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Barry Leiba
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Tero Kivinen
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Jan Dušátko
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Alessandro Vesely
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Murray S. Kucherawy
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Hector Santos
- Re: [dmarc-ietf] easier DKIM, DMARC2 & SPF Depend… Tero Kivinen
- [dmarc-ietf] Why does DKIM fail when SPF succeeds… Matthäus Wander
- Re: [dmarc-ietf] Why does DKIM fail when SPF succ… Murray S. Kucherawy
- Re: [dmarc-ietf] Why does DKIM fail when SPF succ… Matthäus Wander
- Re: [dmarc-ietf] DMARC2 & SPF Dependency Removal Neil Anuskiewicz
- Re: [dmarc-ietf] Why does DKIM fail when SPF succ… OLIVIER HUREAU
- Re: [dmarc-ietf] Why does DKIM fail when SPF succ… Matthäus Wander