Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC spec
"John R Levine" <johnl@taugh.com> Thu, 23 May 2013 23:11 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2966721F9401 for <dmarc@ietfa.amsl.com>; Thu, 23 May 2013 16:11:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iAymvlzzLncW for <dmarc@ietfa.amsl.com>; Thu, 23 May 2013 16:11:51 -0700 (PDT)
Received: from leila.iecc.com (leila6.iecc.com [IPv6:2001:470:1f07:1126:0:4c:6569:6c61]) by ietfa.amsl.com (Postfix) with ESMTP id D559C21F96B4 for <dmarc@ietf.org>; Thu, 23 May 2013 16:11:46 -0700 (PDT)
Received: (qmail 47132 invoked from network); 23 May 2013 23:11:46 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=b81b.519ea232.k1305; bh=aUV2SZht8mUZ+L6DGmoIzP1bpuqXP8tr01ImVVxXBL4=; b=FjUhf+vBXERjKSgbNEwT7xzpfsHIrgh37ArNuYT3FrezeblcTJ4XFA68xm8FRXTLFFTRjHCignH1R7vpvYL2n2oPhqFM2fu7jZJilsDdnMVpSQT80+QHH8qdE+z5ZqrQAbNEB5bpJcdgaSjyXkRtXdefhoQkNdelZLdSoF6DGB8=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type:user-agent:cleverness; s=b81b.519ea232.k1305; bh=aUV2SZht8mUZ+L6DGmoIzP1bpuqXP8tr01ImVVxXBL4=; b=TI5WHIK9S8AxVZv4Pn99SVyeDTXv/MAB6+EW8hBR1jPW8/ZjPK9vVkgkMc/68FZk+E7+7wr26y4JFu1CjRd13Y6xFjrA8wodtGcq69L8aQbhI25hwkizHPFe7OzCKK4e6nR9Xr5WDpxXadnr/07Edgk9wz0Z9NBtCPlWG268oeg=
Received: (ofmipd 127.0.0.1); 23 May 2013 23:11:23 -0000
Date: Thu, 23 May 2013 19:11:45 -0400
Message-ID: <alpine.BSF.2.00.1305231859220.27371@joyce.lan>
From: John R Levine <johnl@taugh.com>
To: Matt Simerson <matt@tnpi.net>
In-Reply-To: <A3033A6D-B42B-48B9-90C4-FEA9621F2A95@tnpi.net>
References: <20130523181505.26913.qmail@joyce.lan> <A3033A6D-B42B-48B9-90C4-FEA9621F2A95@tnpi.net>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
Cleverness: None detected
MIME-Version: 1.0
Content-Type: MULTIPART/signed; protocol="application/pkcs7-signature"; micalg="sha1"; BOUNDARY="3825401791-1021801674-1369350706=:27371"
Cc: dmarc@ietf.org, Eliot Lear <lear@cisco.com>
Subject: Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC spec
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dmarc>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 May 2013 23:11:52 -0000
> I wonder whether DMARC shouldn't be two specifications? It seems that > the validation portions of DMARC are well defined, straight forward to > implement, and could easily be implemented by most modern MTAs (whether > by milter, Amavis, or SpamAssassin). > > The reporting aspects OTOH, are complex and encumbered with technical > issues, security issues and sticky legal questions about information > disclosure. While the reporting is valuable, its value will certainly be > diminished by the number of organizations that implement it. I don't see any benefit in that. I expect the spec will be somewhat shorter when we're done, and in most cases I expect that people who implement one will at least partially implement the other. >> I implement it as perform policy if (time mod 100) < pct, which I >> think is what everyone else does, no DMARC state needed. It's worth >> mentioning this as an adequate implementation. > > I implemented with rand: > > $result->reason( type => 'sampled_out' ) if rand(100) >= $policy->pct; rand() is usually seeded from the stuff including clock so it amounts to the same thing. The point of course is that you can do the percent stuff by rolling dice, not by a rolling average. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY "I dropped the toothpaste", said Tom, crestfallenly.
- [dmarc-ietf] Fwd: Eliot's review of the DMARC spec Murray S. Kucherawy
- Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC… SM
- Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC… John Levine
- Re: [dmarc-ietf] Eliot's review of the DMARC spec Tim Draegen
- Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC… Matt Simerson
- Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC… John R Levine
- Re: [dmarc-ietf] Eliot's review of the DMARC spec Murray S. Kucherawy
- Re: [dmarc-ietf] Fwd: Eliot's review of the DMARC… Murray S. Kucherawy
- Re: [dmarc-ietf] Eliot's review of the DMARC spec Eliot Lear
- Re: [dmarc-ietf] Eliot's review of the DMARC spec John Levine
- Re: [dmarc-ietf] Eliot's review of the DMARC spec Murray S. Kucherawy
- [dmarc-ietf] Review of draft-kucherawy-dmarc-base… SM
- Re: [dmarc-ietf] Eliot's review of the DMARC spec John R Levine
- Re: [dmarc-ietf] Review of draft-kucherawy-dmarc-… Franck Martin
- [dmarc-ietf] cousin domain definition (was Re: Fw… Dave Crocker
- Re: [dmarc-ietf] Review of draft-kucherawy-dmarc-… SM
- Re: [dmarc-ietf] cousin domain definition (was Re… Matt Simerson
- Re: [dmarc-ietf] cousin domain definition (was Re… Dave Crocker
- Re: [dmarc-ietf] cousin domain definition (was Re… Elizabeth Zwicky
- Re: [dmarc-ietf] cousin domain definition (was Re… Matt Simerson
- Re: [dmarc-ietf] Review of draft-kucherawy-dmarc-… Franck Martin
- Re: [dmarc-ietf] cousin domain definition (was Re… Franck Martin
- Re: [dmarc-ietf] cousin domain definition (was Re… Dave Crocker
- Re: [dmarc-ietf] cousin domain definition (was Re… John Levine
- Re: [dmarc-ietf] cousin domain definition (was Re… Murray S. Kucherawy
- Re: [dmarc-ietf] Review of draft-kucherawy-dmarc-… SM
- Re: [dmarc-ietf] Review of draft-kucherawy-dmarc-… Murray S. Kucherawy
- Re: [dmarc-ietf] cousin domain definition (was Re… Murray S. Kucherawy
- Re: [dmarc-ietf] cousin domain definition (was Re… Matt Simerson
- Re: [dmarc-ietf] cousin domain definition (was Re… Matt Simerson
- Re: [dmarc-ietf] cousin domain definition (was Re… Dave Crocker
- Re: [dmarc-ietf] cousin domain definition (was Re… MH Michael Hammer (5304)
- Re: [dmarc-ietf] cousin domain definition (was Re… Steve Jones
- Re: [dmarc-ietf] cousin domain definition (was Re… Barry Leiba
- Re: [dmarc-ietf] cousin domain definition (was Re… Scott Kitterman
- Re: [dmarc-ietf] cousin domain definition (was Re… Steve Jones
- Re: [dmarc-ietf] cousin domain definition (was Re… Matt Simerson