Re: [dmarc-ietf] Ticket #39 - remove p=quarantine

Steven M Jones <smj@crash.com> Wed, 02 December 2020 03:04 UTC

Return-Path: <smj@crash.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C45163A13A5 for <dmarc@ietfa.amsl.com>; Tue, 1 Dec 2020 19:04:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=crash.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ot-NrFWjC2O3 for <dmarc@ietfa.amsl.com>; Tue, 1 Dec 2020 19:04:44 -0800 (PST)
Received: from segv.crash.com (segv.crash.com [IPv6:2001:470:1:1e9::4415]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 12D4F3A1239 for <dmarc@ietf.org>; Tue, 1 Dec 2020 19:04:02 -0800 (PST)
Received: from [10.10.10.124] (135-180-6-94.fiber.dynamic.sonic.net [135.180.6.94]) (authenticated bits=0) by segv.crash.com (8.15.2/8.15.2/cci-colo-1.7) with ESMTPSA id 0B233nnP091232 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for <dmarc@ietf.org>; Wed, 2 Dec 2020 03:03:58 GMT (envelope-from smj@crash.com)
DKIM-Filter: OpenDKIM Filter v2.10.3 segv.crash.com 0B233nnP091232
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=crash.com; s=201506-2k; t=1606878241; bh=WumwRF9ul12Cr7/TZT3rFB42TGUce43Kzu8eW3OIj6M=; h=Subject:To:References:From:Date:In-Reply-To; b=WDTQWc+TNGUbv0gYxtPdWKYSVDb9MA/C7T0f5HoOKmLAmAKZs+S7Y2Va6MzFD2Af3 UPh4N1TYa/UXQyTQYToay4VAectj94KoG8ytCmQr5gWWJRBLH4ZAZ3nwzGxr02g9Ot 1mWtLA4rr6MyPZxSLFM63Ji+kiPRj0BV1ABAXz9tF9HF8kwMyOmAZyCMY6kgZpmFDV ZQlURVC7h8HnPzTh2Codt55piOwEuG3ndsECEYBq6UjooIN9Vd3hkQzYl5g+RfyYED Y66YxjmWmD0KPeAah0ccRD+iR0hZZJXsgu3HKuuYnQauzyTMa6r11OsFE0zb6wi9pS HF9Dr45ueaJ4A==
X-Authentication-Warning: segv.crash.com: Host 135-180-6-94.fiber.dynamic.sonic.net [135.180.6.94] claimed to be [10.10.10.124]
To: dmarc@ietf.org
References: <20201202021651.E8EE128C576A@ary.qy>
From: Steven M Jones <smj@crash.com>
Message-ID: <327860af-2fa7-63ee-4b89-6e7e383f3d53@crash.com>
Date: Tue, 1 Dec 2020 19:03:49 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.8.0
MIME-Version: 1.0
In-Reply-To: <20201202021651.E8EE128C576A@ary.qy>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.2 (segv.crash.com [72.52.75.15]); Wed, 02 Dec 2020 03:03:58 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/jdJ29eLiZQyWzzPPb447l3fDNTE>
Subject: Re: [dmarc-ietf] Ticket #39 - remove p=quarantine
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Dec 2020 03:04:52 -0000

On 12/1/20 6:16 PM, John Levine wrote:
> In article <e4ce658f-3a19-aa24-0fb2-2078d06fcc34@crash.com> you write:
>> On 12/1/20 4:16 PM, Douglas Foster wrote:
>>> I have always assumed that p=quarantine and pct<>100 were included to
>>> provide political cover for "Nervous Nellies" who were afraid to
>>> enable p=reject.
>> p=none, p=quarantine, and the pct= option were all included so that
>> organizations could set policies according to their own risk/reward
>> evaluation, including changes to those evaluations over time.
> Do you think there was a shared understanding of how p=quarantine
> would be implemented? Put the mail in a spam folder? Put it in some
> separate place that you can check? (Mimecast does that with some
> dubious mail) Put it in the inbox with a warning label?

Not in the sense of, "All Receivers should do at least X for 
quarantine." Rather that the Domain Owner is requesting whatever the 
Receiver implements between rejecting the message and putting it in the 
inbox, and is willing to apply. Discussions of this nature usually 
included a recognition - if not a blunt statement - that the Receiver 
will do whatever they deem best in whatever situation was under 
consideration.

So even if the use case of a small Receiver without a quarantine 
function wasn't explicitly mentioned on this or that occasion, they 
would be covered under the, uhm, /force majeure/ clause of Receiver agency.

That "clause" came up a _lot_ ...

--S.