Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion
David I <David.I@ncsc.gov.uk> Wed, 04 August 2021 08:20 UTC
From: David I <David.I@ncsc.gov.uk>
To: Dave Crocker <dcrocker@gmail.com>, Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>, IETF DMARC WG <dmarc@ietf.org>
Date: Wed, 04 Aug 2021 08:20:03 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/onMViw-kcpivm4uzQz61P_W1ySM>
Subject: Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion

This is the scenario we've seen across the UK public sector - at p=none, DMARC reporting showing lots of DMARC fails (SPF+DKIM failing) from IPs associated with an email service provider which both originates email and forwards it (commonly Google). At this stage you don't know if the failed messages are originated or forwarded and so if they will be lost at p=q/r, pct=100.

When you switch to p=q, pct=0, forwarded messages are re-written, and so are not included in the DMARC reporting, and so if any failures remain, additional configuration associated with originating messages is required. If not, you're good to go from pct=0 to something stricter.

Benefit: Improve adoption of p=quarantine/reject by reducing the number of domain owners who get stuck at p=none as they're unsure if switching to p=quarantine/reject will cause loss of legitimate email.

From a 'getting people started with DMARC perspective', having p=none be 'safe' and not affect mail flows is attractive, and so having the behaviour change require an additional change is good.

The fact that it's an opaque hack using p=q, pct=0 is a shame, and clarity of how you trigger this behaviour change in the document would be good.

HTH,
David

________________________________
From: dmarc <dmarc-bounces@ietf.org> on behalf of Dave Crocker <dcrocker@gmail.com>
Sent: 03 August 2021 22:08
To: Todd Herr <todd.herr=40valimail.com@dmarc.ietf.org>; IETF DMARC WG <dmarc@ietf.org>
Subject: Re: [dmarc-ietf] Some Proposed Language for a New pct Tag Defintion

On 8/3/2021 1:42 PM, Todd Herr wrote:

That doesn't mean that I think it's not a useful setting on the journey from p=none to something stronger; it only means that I can't remember the particulars of the rewriting that takes place and how the domain owner can take advantage of information revealed by the rewriting in order to eventually remove the pct tag.

It might be this:

I'm not trying to argue against your proposal or the one that preceded it, but am concerned that there be a pretty clear and strong case made for specific benefit. That is, clarity about what the benefit will be and clarity that there is shared agreement that the benefit will be obtained and that it is substantial.

The pct style of mechanism is not typical for protocol standards, although it comes from a common system development background. And the fact that its use in DMARC is prompting significant change to that mechanism warrants additional care in justifying it and documenting it. IMO.

d/

--
Dave Crocker
dcrocker@gmail.com
408.329.0791

Volunteer, Silicon Valley Chapter
Information & Planning Coordinator
American Red Cross
dave.crocker2@redcross.org

This information is exempt under the Freedom of Information Act 2000 (FOIA) and may be exempt under other UK information legislation. Refer any FOIA queries to ncscinfoleg@ncsc.gov.uk. All material is UK Crown Copyright ©
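
The before/after comparison described in the message above, as an added example that is not part of the original post or of the working group's material: it parses two aggregate reports, one collected at p=none and one at p=quarantine with pct=0, and lists the sources whose SPF+DKIM failures remain. The domain example.org, the function names and the report contents are constructed for illustration; the element names follow the RFC 7489 aggregate report format.

```python
import xml.etree.ElementTree as ET
from collections import Counter

def make_report(p, pct, rows):
    """Build a constructed, minimal aggregate report (RFC 7489 element names)."""
    records = "".join(
        f"<record><row><source_ip>{ip}</source_ip><count>{n}</count>"
        f"<policy_evaluated><dkim>{dkim}</dkim><spf>{spf}</spf>"
        "</policy_evaluated></row></record>"
        for ip, n, dkim, spf in rows)
    return ("<feedback><policy_published><domain>example.org</domain>"
            f"<p>{p}</p><pct>{pct}</pct></policy_published>{records}</feedback>")

# Constructed sample data; 198.51.100.7 stands for a provider that both
# originates and forwards mail for example.org.
AT_NONE = make_report("none", 100, [
    ("192.0.2.10", 120, "pass", "pass"),
    ("198.51.100.7", 55, "fail", "fail"),
    ("203.0.113.5", 9, "fail", "fail"),
])
AT_PCT0 = make_report("quarantine", 0, [
    ("192.0.2.10", 118, "pass", "pass"),
    ("198.51.100.7", 15, "fail", "fail"),
])

def dmarc_failures(xml_text):
    """Return ((p, pct), Counter{source_ip: messages failing both SPF and DKIM})."""
    root = ET.fromstring(xml_text)  # use a hardened parser for real, untrusted reports
    published = root.find("policy_published")
    policy = (published.findtext("p"), int(published.findtext("pct", "100")))
    fails = Counter()
    for row in root.iter("row"):
        evaluated = row.find("policy_evaluated")
        if evaluated.findtext("dkim") == "fail" and evaluated.findtext("spf") == "fail":
            fails[row.findtext("source_ip")] += int(row.findtext("count"))
    return policy, fails

def compare(none_xml, pct0_xml):
    """Map each source failing at p=none to (failures at p=none, failures at pct=0)."""
    _, before = dmarc_failures(none_xml)
    policy, after = dmarc_failures(pct0_xml)
    if policy != ("quarantine", 0):
        raise ValueError("second report was not collected under p=quarantine; pct=0")
    return {ip: (n, after.get(ip, 0)) for ip, n in before.items()}

def still_failing(none_xml, pct0_xml):
    """Sources whose failures persist once forwarded mail is rewritten out of the reports."""
    return sorted(ip for ip, (_, n) in compare(none_xml, pct0_xml).items() if n > 0)

if __name__ == "__main__":
    print(compare(AT_NONE, AT_PCT0), still_failing(AT_NONE, AT_PCT0))
```

Mail volume differs between reporting periods, so the two counts are not directly comparable; what matters is whether a source still shows any failures at pct=0.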