Re: [dmarc-ietf] Reporting DMARC policy in A-R header fields
Scott Kitterman <sklist@kitterman.com> Wed, 31 July 2019 10:46 UTC
Return-Path: <sklist@kitterman.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C1741200CD for <dmarc@ietfa.amsl.com>; Wed, 31 Jul 2019 03:46:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=kitterman.com header.b=IjXjonN5; dkim=pass (2048-bit key) header.d=kitterman.com header.b=O6+4jwNE
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hsE8WMnWQqIk for <dmarc@ietfa.amsl.com>; Wed, 31 Jul 2019 03:46:32 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BCF4C1200F6 for <dmarc@ietf.org>; Wed, 31 Jul 2019 03:46:32 -0700 (PDT)
Received: from interserver.kitterman.com (interserver.kitterman.com [64.20.48.66]) by interserver.kitterman.com (Postfix) with ESMTPS id BE339F805F8; Wed, 31 Jul 2019 06:46:01 -0400 (EDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903e; t=1564569961; h=date : in-reply-to : references : mime-version : content-type : content-transfer-encoding : subject : to : from : message-id : from; bh=qSMdl3UWAGecUUgJinYhGv01az15MmHx7AmnBUGqI0g=; b=IjXjonN5xtf6yxIdP3p78BGAVZTIitvjMDP27o+iJoMcZB7NMD/0n25t 3A7Lp05fECZ2Fx4MDP9tKsw+fEKrCw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kitterman.com; i=@kitterman.com; q=dns/txt; s=201903r; t=1564569961; h=date : in-reply-to : references : mime-version : content-type : content-transfer-encoding : subject : to : from : message-id : from; bh=qSMdl3UWAGecUUgJinYhGv01az15MmHx7AmnBUGqI0g=; b=O6+4jwNEGt2Y9Va5lGOGzxDQFZQHrotKmbSZ8VqCiLnyTRUpptHntyEa pJYPEpgk1wExchVOlHsdirQHhSAbIdicEdESQMFXFe9y4nvkNQ24pwUALQ siiRTTk3bWggDD7d1bhQDanYzXkEALnhfVY0u4jmJKrE2jcJCcAFxOsWXt OyZHDYkVgMmcHVeVS072lH2oIibOd5ROA8v64EgKZz8kpLwfNu15MvzDTt 7DDNuz+4hCrsVqaQquUy9zHCWpZhhkkTMWNfvhwtzgW+yd+6DsKijTr0CL iuWq3VsePxqJbnAeq9ypxPpS2uIbMu3EqeO2b4Gz0TATBP4RIzqUSg==
Received: from [192.168.1.184] (static-72-81-252-22.bltmmd.fios.verizon.net [72.81.252.22]) by interserver.kitterman.com (Postfix) with ESMTPSA id 87DBAF80208; Wed, 31 Jul 2019 06:46:01 -0400 (EDT)
Date: Wed, 31 Jul 2019 10:46:00 +0000
In-Reply-To: <a94b0dda-11ea-7342-d835-fb2cbe82d507@tana.it>
References: <2577720.3ZthdXZjm2@l5580> <4600949.rz9u5RyGOV@l5580> <ad404895f272ede4a9d0fb7cfb142a65414318d3.camel@aegee.org> <60001A26-503E-4DB0-B164-2AADD47CFE06@kitterman.com> <a94b0dda-11ea-7342-d835-fb2cbe82d507@tana.it>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
To: dmarc@ietf.org
From: Scott Kitterman <sklist@kitterman.com>
Message-ID: <DC53F22F-A005-4CFB-B6CA-06E76AF02ACE@kitterman.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/rtfCOd-swchKUloZpLcqJkMqvxI>
Subject: Re: [dmarc-ietf] Reporting DMARC policy in A-R header fields
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Jul 2019 10:46:34 -0000
On July 31, 2019 7:11:49 AM UTC, Alessandro Vesely <vesely@tana.it> wrote: >On Tue 30/Jul/2019 15:56:16 +0200 Scott Kitterman wrote: > >> The published policy (that's why I suggest dmarc.policy). > > >Published policy can be ambiguous. Say you have p=quarantine; sp=none. > The >MTA chooses which to apply based on the domains (publishing and From:). > So it >makes sense to write the /applied/ published policy. > >I'm not good at designing A-R stanzas, as you know. However, since >dmarc is >already the policy method, why not write dns.policy, since that is >where it >comes from? The problem with dns as a ptype is that virtually all this is from DNS. I haven't had a chance to study your proposal in detail or coordinate with the other designated experts, but speaking for myself my initial thought is that dns is not a good ptype name. This is specific to DMARC, so I think it's appropriate to say so. >> I'm not sure if disposition belongs in A-R. If it does, it'd be a >local >> policy override, probably policy.dmarc as described now in RFC 8616. > >You mean RFC 7489, don't you? I see nothing about A-R in RFC 8616. Sorry. I meant RFC 8601. >Would it be possible to add a result of "quarantine"? Having >dmarc=fail and >dns.policy=quarantine leaves a good deal of interpretation to the MDA. >If one >could write dmarc=quarantine, a simple string search or regular >expression >would do. That's a great example of why dns.policy= isn't the way to go. It's too generic. If it's dmarc.policy=quarantine, there's no ambiguity. You can't put quarantine as the DMARC result, because that's not what it is. The DMARC result is pass/fail/none. >Currently, I use a comment too. > >Since we're at it, besides the spam folder, is it fine if the MDA sets >IMAP >keyword $Junk[*] or $Phishing[†] or would we dare registering a new >one? It's outside my area of expertise, so I don't have a strong opinion, but I'd be inclined not to register a new one. I think the average user can be confused by too many terms for things that to them are the same. Scott K
- [dmarc-ietf] Reporting DMARC policy in A-R header… Scott Kitterman
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Дилян Палаузов
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Scott Kitterman
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Scott Kitterman
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Дилян Палаузов
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Scott Kitterman
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Stan Kalisch
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Alessandro Vesely
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Scott Kitterman
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Stan Kalisch
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Kurt Andersen (b)
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Murray S. Kucherawy
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Alessandro Vesely
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… John Levine
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… Stan Kalisch
- Re: [dmarc-ietf] Reporting DMARC policy in A-R he… tjw ietf