Re: [dmarc-ietf] auth-res vs. dmarc
Todd Herr <todd.herr@valimail.com> Wed, 30 December 2020 15:35 UTC
Return-Path: <todd.herr@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EE2373A046B for <dmarc@ietfa.amsl.com>; Wed, 30 Dec 2020 07:35:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 99aAMhOboUuE for <dmarc@ietfa.amsl.com>; Wed, 30 Dec 2020 07:35:26 -0800 (PST)
Received: from mail-qt1-x833.google.com (mail-qt1-x833.google.com [IPv6:2607:f8b0:4864:20::833]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F0E63A0489 for <dmarc@ietf.org>; Wed, 30 Dec 2020 07:35:26 -0800 (PST)
Received: by mail-qt1-x833.google.com with SMTP id g24so11099134qtq.12 for <dmarc@ietf.org>; Wed, 30 Dec 2020 07:35:26 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=8CYS2wz7PTQldB9VjJlRI7S62+7SQyKNal+MMoXAhrg=; b=EXMbN6zK8pgStrWj9he2e4Gj1GXkPpxEhbgCf9wB7PqK6X7enTEu1U+4jvfvfplInn E6h1Oicxqp+8nyhDB9inxzq02G15Z71Oz9fJzpVRCxj3nLGSwSmgmbkkSin4E9jgaDrK qy8aSU+HHZPH9dptHkWP+kXem69eTOfWGGI8NxrglGhFa8/TXbwZnO+FchBS5Yw/Vedx h2va59rhSfrkXgkqzw0VGVwgm5dtBgQK5mKp/3obtceOgysrJLD7rd0sKwsRYnr5k5kc YC4KTxj7J5Zn7hJL6ykLeMhiu6W2AIUXgqpeEs1EnrYcfZNBEj/Y3oRb57Tx7Idel1M9 FH1A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=8CYS2wz7PTQldB9VjJlRI7S62+7SQyKNal+MMoXAhrg=; b=Dhkczwt79bSOotaEhRkYV+A+caCsv+1BpmM3qEgyE4AGZ1V3JuUIgfEzGbllcDx31/ sJ+6B9qZm9jYVahhJkjWkiGIXYVmiCOoDoO1KI9lYh4V4EhKvY1rkc6h+ihVgeRxSpTe KlzW+xHPvMRD9ykt7vx4v5lsuPPyqoV73LG9PKleuKPfVUGkoHq3I4a04i0AIzdUcFcf ww71r4PhF2eNhnukOFPKB4KMJ7cyBbJaJYG/jUG0lwMyeLww06tFlVF7S/H7zBbcth4u 8CK/OG3xyxiqBkWkPj0/UilBlD+EAWtWMq9mGdSyRNV7Ajf/lTk6N2q0w+hVoS1Rw9AR +UrA==
X-Gm-Message-State: AOAM532mKhvCY5lJeiCVex2CqsunMQLmAfLbKSkciKRUl6HUJ9rzldlp BbrcSAbWdyVriJnb+n3fTn2jGs5GAVsTMO/hICRrSkpbCbs=
X-Google-Smtp-Source: ABdhPJzWq8dGGpYvLAwu92WuVa2X63IVZSoboULYftucfM5C9pK3N+LV5Q3GqLgNWyKB8m5npWYXnqFo9XKyMRKrDxE=
X-Received: by 2002:ac8:5808:: with SMTP id g8mr53211810qtg.208.1609342525293; Wed, 30 Dec 2020 07:35:25 -0800 (PST)
MIME-Version: 1.0
References: <9f6782b1-e85b-1a9c-9151-98feff7e18ea@mtcc.com> <CAHej_8m0OWsTt+tcSgUh+Fxu=HH_57nsb2O1Q_fgA2453ceh4g@mail.gmail.com> <140485eb-020f-4406-3f2f-e2c475ea51e5@mtcc.com> <CAHej_8mApfoF2ORgL+DoYTanrdhMjvT9H27kORwLKCQc1C9sRw@mail.gmail.com> <5588dbbe-b876-ed80-c80f-792380e3718f@mtcc.com> <CAHej_8=kW_t_JkOxUud1Uz8+PrbMh5CfwfxZK=mhe0wjW8wQpw@mail.gmail.com> <54dd9978-bcd1-6757-ad27-dcef6db6e5f7@mtcc.com> <CAHej_8kCi=7oqojDH_rbjn7kRg-PTDJWLgcKTGK9z-baUnKeMw@mail.gmail.com> <ef32de1e-d47e-1d0f-3cec-5994c7fdb7ae@mtcc.com> <CAHej_8kjSsQK_XEbdjWzV5npa29YjGadzD06Fmx3QLB4p+n_Cg@mail.gmail.com> <937f1019-a028-308d-2a0f-1e720fd49dcd@mtcc.com> <d8014c2a-c1c9-9eac-e64a-5f285bab7fd3@tana.it> <CAHej_8mgYr9ERAxmup+keZT5u8L+qgCxcSLH7Z=BEuZLouttpg@mail.gmail.com> <72e20c17-e991-e82a-9120-a27097e3ac58@mtcc.com>
In-Reply-To: <72e20c17-e991-e82a-9120-a27097e3ac58@mtcc.com>
From: Todd Herr <todd.herr@valimail.com>
Date: Wed, 30 Dec 2020 10:35:09 -0500
Message-ID: <CAHej_8=6huc-N4ymDTOWZXHGjQQ-3RFDdomRzmGp4kOseHckMQ@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008adcf405b7b041f8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/iMe6AFAoR-AwB6qXh6nRPgAF-xU>
Subject: Re: [dmarc-ietf] auth-res vs. dmarc
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Dec 2020 15:35:28 -0000
On Wed, Dec 30, 2020 at 9:01 AM Michael Thomas <mike@mtcc.com> wrote: > > On 12/30/20 5:48 AM, Todd Herr wrote: > > > I propose to add two new result name codes, named after the policy >> requests: >> >> dmarc=quarantine, and >> >> dmarc=reject (of course, you only see this if the filter didn't honor >> the request). >> >> > I do not support this, because quarantine, reject, and none are not > Authentication Results, but are instead both policy requests and > disposition decisions. > > Then we should remove DMARC from auth-res altogether because it is not an > authentication mechanism. Either we fully support DMARC in auth-res or > remove it. This half-assed state of unlessness serves nobody. > > > I disagree. DMARC has rules that determine whether or not a message is deemed to be authenticated - did it pass SPF or DKIM and did it do so with a domain that aligns with the RFC5322.From domain. The currently valid states for those rules are pass, fail, temperror, and permerror. Policy and disposition (none, quarantine, reject) apply to decisions made based on the authentication results; they are not states for the authentication checks themselves. -- *Todd Herr* | Sr. Technical Program Manager *e:* todd.herr@valimail.com *p:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system.
- [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Hector Santos
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Laura Atkins
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Douglas Foster
- Re: [dmarc-ietf] auth-res vs. dmarc Kurt Andersen (b)
- Re: [dmarc-ietf] auth-res vs. dmarc Douglas Foster
- Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
- Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Dotzero
- Re: [dmarc-ietf] auth-res vs. dmarc Laura Atkins
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Dotzero
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Dotzero
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
- Re: [dmarc-ietf] auth-res vs. dmarc Hector Santos
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
- Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
- Re: [dmarc-ietf] auth-res vs. dmarc Todd Herr
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
- Re: [dmarc-ietf] auth-res vs. dmarc Michael Thomas
- Re: [dmarc-ietf] auth-res vs. dmarc Seth Blank
- Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
- Re: [dmarc-ietf] auth-res vs. dmarc Alessandro Vesely
- Re: [dmarc-ietf] auth-res vs. dmarc John Levine
- Re: [dmarc-ietf] auth-res vs. dmarc Murray S. Kucherawy