IETF Logo Mail Archive

Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result

Douglas Foster <dougfoster.emailstandards@gmail.com> Sun, 23 October 2022 11:03 UTC

Return-Path: <dougfoster.emailstandards@gmail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67529C14CF14 for <dmarc@ietfa.amsl.com>; Sun, 23 Oct 2022 04:03:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TNT9WBnLonJU for <dmarc@ietfa.amsl.com>; Sun, 23 Oct 2022 04:03:16 -0700 (PDT)
Received: from mail-lf1-x131.google.com (mail-lf1-x131.google.com [IPv6:2a00:1450:4864:20::131]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 97EEDC14CF13 for <dmarc@ietf.org>; Sun, 23 Oct 2022 04:03:16 -0700 (PDT)
Received: by mail-lf1-x131.google.com with SMTP id b1so12458951lfs.7 for <dmarc@ietf.org>; Sun, 23 Oct 2022 04:03:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=sUBUEd6pthmjMRV3zL0M1jK7tq5w4vb2gTUL9OgHC0g=; b=akagyIsJSR1vfNOZs54F9llXKAXTGeyVAtbn3dp1ITxiwbqgJkBC+EVI/KqkM8JG1i 3tqYy8Fcom62/OMJ6iqb3jHsZceAGmuwJ9d9oHSQU9zgLKJoSW0+jOYuhMKZMPErBL3A hEh/MnIjm2SmsbawcPMxet+gszyIDzEYFzj62oTLcpMalhJxSG7D3n15crsAKZGW703D lC4NJTt1LKyt2XMzLqbj0lkdT0afIpNqxA+bu4gs+MMLnwZCwRXam7dakkyhkfxURmJc uIdZVlvWS+qiT40GvDH6dvlkZa6Dy7x3CYmAGvfOuscjX6Z8rwqJnc/myiYFbjZLQ2+x s9qQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sUBUEd6pthmjMRV3zL0M1jK7tq5w4vb2gTUL9OgHC0g=; b=Q4qTDnL0JmEm/7dppyetpmQA7HMeYJM+mYq+/ydiP6pG1IMk3drVDpR33MwWoflzuJ 5JjhTip2RHE/ls4L0nTOPmN//3vxu+5nWWW6OlZs3NxhGQDOifp/6JeEBEEN129CETH3 Cxdkk8rFWRKZmweWL9YBNdjRRyp/odXGRHypq9ICz66I4BiytWTw14i7vXu2DBsXOGOU oCN8wak3zOGdY4QHnwqFNHWE12k/JNq8RAJXpBDqUYyrG2C3gLIyqVyNJuKvvSypMcdB JAcMX/a00ERNMjc1Rk3xSR6OdjJ06CNXuGL0xbqYVxUsmEYVfSkpkwkBxsP1cHWZBUs0 yyPQ==
X-Gm-Message-State: ACrzQf3DnzpkuDjPebwONmD4Oid+G8Nilab6ka1Rio/TrFA/dHUegufQ VnpeOnt2smw8yTL/TR0zYRyG2foiYRMT7RqJcHo=
X-Google-Smtp-Source: AMsMyM5rDYDo59P+N77C7lZL5TCZzYVhL+GeXO7szYzrETmTwT7i0VJ5ofLMy64MIXnW9Ed0EE3Hx+Fe58NtSUIAsUM=
X-Received: by 2002:a05:6512:689:b0:4a2:5955:54fb with SMTP id t9-20020a056512068900b004a2595554fbmr9477701lfe.656.1666522994535; Sun, 23 Oct 2022 04:03:14 -0700 (PDT)
MIME-Version: 1.0
References: <9D6D6E80-B0B0-4CAD-B301-B0A17F9C6663@marmot-tech.com> <04FF4BB2-F8F3-4610-B33E-D4004C757E3B@marmot-tech.com> <CAH48Zfx+JPeoaFA4Z2zw982-+BkJcReyjK07u8w69KMSWx8vYQ@mail.gmail.com> <MN2PR11MB4351C32D2621D2024B39802BF72A9@MN2PR11MB4351.namprd11.prod.outlook.com> <CAH48Zfx0B5nvz9B2WJ-uUEeszyaoHbPoc1oubmjnrqo_H3x3Sw@mail.gmail.com> <f0d90ca7-38b7-3a1d-2be9-30cad7bec31c@tana.it> <CAH48ZfxcYFCj_5S7CU+r-d1yypMCOX9=UvLmTCqMNSa_kejycw@mail.gmail.com> <CAJ4XoYdvk506_L6BjZD2EYWfAyCgLWTgGS3qsV0_=XHC76--Nw@mail.gmail.com> <CAH48ZfxHzEHRGW-Omkj_HotO6kSdUByxhJstQTWn5hpOapYaRQ@mail.gmail.com> <CAJ4XoYe+s7BmFcvtNPaWu1i4kv_j=CtqA1DbkusfGk9s4rDYeA@mail.gmail.com> <560ccd88-2217-9e47-f690-6bc413c67ffa@tana.it>
In-Reply-To: <560ccd88-2217-9e47-f690-6bc413c67ffa@tana.it>
From: Douglas Foster <dougfoster.emailstandards@gmail.com>
Date: Sun, 23 Oct 2022 07:03:02 -0400
Message-ID: <CAH48ZfwYOdYynFRFMZO33iEjZBg2gNy_prG=wfDQjibeAxYS2A@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001971f805ebb19f97"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/ry_yfMv80IlwZcegkVZcQxwNynU>
Subject: Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 23 Oct 2022 11:03:20 -0000

Is it not a violation of GDPR to require DMARC participants to collect and
transmit data that is not essential to DMARC?


The decision of how to handle indirect flows is outside the ability of a
domain owner to control.   Knowing that a message was accepted by local
policy says that the source is probably not malicious and therefore does
not need takedown.   Server identity and Mail From address provide the
necessary information for takedowns that are needed.

On Sun, Oct 23, 2022, 6:29 AM Alessandro Vesely <vesely@tana.it> wrote:

> On Sat 22/Oct/2022 18:25:55 +0200 Dotzero wrote:
> > Unaligned signatures are orthogonal/irrelevant to DMARC. They may be
> useful in
> > other contexts. In the DKIM standard, signatures mean that the signer is
> > asserting some (unspecified) responsibility for the signed message. That
> may be
> > useful for some reputation systems.
>
>
> Somewhat skewed w.r.t. orthogonality, actually.  Indirect flows are
> explicitly
> mentioned in the I-D as a reason to override DMARC dispositions:
>
>     There MAY be an element for reason, meant to include any notes the
>     reporter might want to include as to why the disposition policy does
>     not match the policy_published, such as a Local Policy override
>     (possible values listed in Appendix A).
>
> ARC too is a kind of unaligned signature, albeit with a bunch of
> additions.
> The extra information it carries, designed to bestow enough trust in the
> chain
> of custody to outweigh the self-referential reliance of aligned From:,
> doesn't
> substantially change the semantic of DKIM signatures.  And we should say
> how to
> report it, sooner or later.
>
> I'm not proposing to mandate the evaluation of any evaluable item.
> However,
> I'd neither discourage it.  Perhaps technology will provide us with
> ecological
> sources of energy.
>
>
> Best
> Ale
> --
>
>
>
>
> _______________________________________________
> dmarc mailing list
> dmarc@ietf.org
> https://www.ietf.org/mailman/listinfo/dmarc
>

v2.23.0 | Report a Bug | By Email