Re: [dmarc-ietf] Working group next steps

"Douglas E. Foster" <> Sun, 31 March 2019 12:38 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id BF84612012B for <>; Sun, 31 Mar 2019 05:38:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hNjw6M07lYix for <>; Sun, 31 Mar 2019 05:38:57 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 8A65212013D for <>; Sun, 31 Mar 2019 05:38:57 -0700 (PDT)
X-ASG-Debug-ID: 1554035933-0990574bec209bc0001-K2EkT1
Received: from ( []) by with ESMTP id NaDMtjbHvEKCVoj2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NO); Sun, 31 Mar 2019 08:38:53 -0400 (EDT)
X-ASG-Whitelist: Client
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=s1025; h= content-type:mime-version:message-id:reply-to:date:subject:to:from; bh=Dmfytwzg+1wKuRrX8KeoLqzBo+odZjcEJ3SPrKF96I0=; b=E8hb2slT/UYk5V+THjhvrllhtE023YfXD2NUVwZEf1eOh1bFVOoAqbq33miFLeMfW cEWxKGK3Jqqg/MKJUuz+SbU4sJryAz2aN7KofhqEkRORYqpfLxwamGbGd7y6JL0lk JVRxc1fPevsPhBy6a7AmmklWgHxbbs1Li2BnD3XWc=
Received: by via HTTP; Sun, 31 Mar 2019 08:38:44 -0400
From: "Douglas E. Foster" <>
To: "Scott Kitterman" <>, "IETF DMARC WG" <>, "Ian Levy" <>
Date: Sun, 31 Mar 2019 08:38:44 -0400
X-ASG-Orig-Subj: Re: [dmarc-ietf] Working group next steps
Message-ID: <>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary=178dca5f19e449a98c262f972a93f11c
X-Originating-IP: []
In-Reply-To: <LO2P123MB2285E7ED4CD46A11BD9F4676C9540@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM>
References: <> <LO2P123MB22857A6A1EDD9D54A817C4F5C95A0@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM> <3802074.4RGYGbXOYh@kitterma-e6430> <LO2P123MB2285E7ED4CD46A11BD9F4676C9540@LO2P123MB2285.GBRP123.PROD.OUTLOOK.COM>
X-Exim-Id: 641c4907897e4a81b12847a29bfcd3b8
X-Barracuda-Start-Time: 1554035933
X-Barracuda-Encrypted: ECDHE-RSA-AES256-SHA384
X-Virus-Scanned: by bsmtpd at
X-Barracuda-Scan-Msg-Size: 4506
X-Barracuda-BRTS-Status: 1
Archived-At: <>
Subject: Re: [dmarc-ietf] Working group next steps
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 31 Mar 2019 18:30:56 -0000

Certainly not.   
 You cannot drop existing defenses until the new standard is 100% deployed on the Internet, which means probably never.    Your experimental implementation will need to prioritize the new test over the SPF test, to prove that it is working and to show that it is good at intercepting any subdomains that have been newly imagined by the attackers
 To speed up the deployment process for existing or new standards, IETF would meed to embrace the idea of defining required features of a spam filter.
 Doug Fosterd

 From: "Ian Levy" <>
Sent: Sunday, March 31, 2019 6:18 AM
To: "Scott Kitterman" <>om>, "IETF DMARC WG" <>
Subject: Re: [dmarc-ietf] Working group next steps   
>> I'll also offer as an experimental ground (within reason!).

> Excellent. I've listed it in the experimental registry at
> Since you already had a live DMARC record for that domain, people can experiment with this now.

I guess at some point we'll have to stop generating SPF and DMARC records for the non-existent subdomains of so we can test the new stuff properly. When we're at that point, let me know.



Dr Ian Levy
Technical Director
National Cyber Security Centre

Staff Officer : Kate Atkins,

(I work stupid hours and weird times - that doesn't mean you have to. If this arrives outside your normal working hours, don't feel compelled to respond immediately!)

This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to
dmarc mailing list