IETF Logo Mail Archive

Re: [dmarc-ietf] Reports helping spammers? (#81)

Alessandro Vesely <vesely@tana.it> Mon, 25 January 2021 11:03 UTC

Return-Path: <vesely@tana.it>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05D043A0EDA for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 03:03:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.22
X-Spam-Level:
X-Spam-Status: No, score=-0.22 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1152-bit key) header.d=tana.it
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0e1Hs4ObHKnw for <dmarc@ietfa.amsl.com>; Mon, 25 Jan 2021 03:03:46 -0800 (PST)
Received: from wmail.tana.it (wmail.tana.it [62.94.243.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5DB343A0ED7 for <dmarc@ietf.org>; Mon, 25 Jan 2021 03:03:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tana.it; s=delta; t=1611572622; bh=2N+rj+RJwOvVqgPVn/TwvhXaIIOey3zNJ5MECOiExvo=; l=1321; h=To:References:From:Date:In-Reply-To; b=CnLSCou0n+OaTCfQpV1vb0HPDNsSAmPe5P0o2gs1dO03tuKTCViLKJaIoUhlZtrJn 1eFNjzFPB2WguKRQeyZbHJUOV8sMFLt1xkNJOFBYQKSTp4RhbdoNNZvG3T4CgPHMa9 m3rb3F4OQ48UWNsYFEC9nFVaFoIhw77s6NTeieKcl02OyZUZezrION18YsdVi
Authentication-Results: tana.it; auth=pass (details omitted)
Original-From: Alessandro Vesely <vesely@tana.it>
Received: from [172.25.197.111] (pcale.tana [172.25.197.111]) (AUTH: CRAM-MD5 uXDGrn@SYT0/k, TLS: TLS1.3, 128bits, ECDHE_RSA_AES_128_GCM_SHA256) by wmail.tana.it with ESMTPSA id 00000000005DC053.00000000600EA58E.00002B84; Mon, 25 Jan 2021 12:03:42 +0100
To: Douglas Foster <dougfoster.emailstandards@gmail.com>, emgu@google.com, IETF DMARC WG <dmarc@ietf.org>, John Levine <johnl@taugh.com>
References: <20210122224018.E63E06BF246B@ary.qy> <3a6b6650-0276-d59b-54fa-5a3ec41a44a0@tana.it> <CAH48ZfyvjDQoqQp29LG07tz4g_eRMRboJdQ=qK8kzhyyknbMCg@mail.gmail.com>
From: Alessandro Vesely <vesely@tana.it>
Message-ID: <e9f251cb-a823-4933-2ea2-4cd258bba8e0@tana.it>
Date: Mon, 25 Jan 2021 12:03:41 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0
MIME-Version: 1.0
In-Reply-To: <CAH48ZfyvjDQoqQp29LG07tz4g_eRMRboJdQ=qK8kzhyyknbMCg@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/hjFiAJXY9rQW6Gn7dGPoe9cZlzs>
Subject: Re: [dmarc-ietf] Reports helping spammers? (#81)
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Jan 2021 11:03:48 -0000

On Sat 23/Jan/2021 15:13:53 +0100 Douglas Foster wrote:
> 
> I can fully endorse Murray's position that alignment reporting is beneficial, 
> even when the sending domain is malicious.   However, it is also off-topic.  
>   My focus is on disposition reporting, not alignment reporting.


I see.


> Bottom line:  The perceived risk of disposition reporting will differ with each 
> person, and therefore with each reporting domain.    The specification would be 
> improved by providing a way for skeptical domain owners to redact 
> information that they do not wish to disclose.   Currently, the options are to 
> (a) not report at all, or (b) report ambiguous and slightly misleading 
> information such as "dispostion=quarantine, overridereason=other".   A better 
> option would be to have options to state "dispositioin=not specified, 
> overridereason=not specified".


The information that reports actually disclose is when they say why the 
disposition differs from what the author's domain asked.  That info is given in 
the comment field, which can be "forwarded", "sampled_out", 
"trusted_forwarder", "mailing_list", "local_policy", or any other reason.  This 
field is already optional.

Saying "none" without explaining why doesn't really disclose much, does it?


Best
Ale
--

v2.23.0 | Report a Bug | By Email