Re: [dmarc-ietf] report floods, not Forensic report loops are a problem
John R Levine <johnl@taugh.com> Fri, 29 January 2021 01:30 UTC
Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77D5E3A0981 for <dmarc@ietfa.amsl.com>; Thu, 28 Jan 2021 17:30:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=KgyAOzjv; dkim=pass (2048-bit key) header.d=taugh.com header.b=hDwS7LCN
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TCxdAmhd2gA6 for <dmarc@ietfa.amsl.com>; Thu, 28 Jan 2021 17:30:08 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 528AD3A0977 for <dmarc@ietf.org>; Thu, 28 Jan 2021 17:30:07 -0800 (PST)
Received: (qmail 50320 invoked from network); 29 Jan 2021 01:30:05 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=c48c.6013651d.k2101; bh=Br0udqHYpQHd1CMT9LqmatEPz2f6wd/VZZuu3AKwnE4=; b=KgyAOzjvKufWeaRWCkDTX2OwCLHVoW1g4e5uXUymRJPPO+xxQCuKOTxAEMPlEgyhUHzsEkr6GvkUwDee6NDt4LXhoG71IdAbrO2nGB2kawTi18UKhVJUNGxl+dx5lMepEiTValf1IYlEqGOlMI9bHTlqKuaZ9kgYZa/6Oq1J3KM6ujhTi5GeXA4lvacDN2rxVa3ZozLENhdzk22bzZ0HJC6rZHEun7RKbR0ZvguNMmvccXPyPLAS0peUcxnD4KzNWjLuZZ+w1uHGDglKwD/Qe4DBihqdlBPnPbaqg3ybgP1gAPXCdVDSjhfo5wJAMESgBfeoFiE5Vn8bKRDtm8smRQ==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:references:mime-version:content-type; s=c48c.6013651d.k2101; bh=Br0udqHYpQHd1CMT9LqmatEPz2f6wd/VZZuu3AKwnE4=; b=hDwS7LCNLGY5H3SoTuggOwFgdK6UUPc2j+O2zENQBKysgOOWCxZdE/eri3dPCI5Phh+2Bzbb/UYuN56l5+4NhSlDyd/q8dInHUa/p0JyunsOhA9rBe0nSELzPpYJ7w7ibNxDA4YuMRh6BFkMetomgzl8VJnzdITuvH/UoTW7CWl2jGSXtD6rtRKj5ICFfIvA+Sr7HJHpyvpCqnV3Z8WmHCTHOt+3nF5bcMD7DLyAa5XFeD1KKn7ZJp7Nn+cV0pQwPC0FW1vvJdgP/jNiI9AZl3vd0vOvhWIg/qGTAZZjzGdWyssEKuczS1+Ldt6vJ0/Bx9H9qWXEUN/m3qGIU5WWPQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 29 Jan 2021 01:30:05 -0000
Received: by ary.qy (Postfix, from userid 501) id 0057F6CE8151; Thu, 28 Jan 2021 20:30:04 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 6917E6CE8133; Thu, 28 Jan 2021 20:30:04 -0500 (EST)
Date: Thu, 28 Jan 2021 20:30:04 -0500
Message-ID: <e4f1469b-1c42-24f6-f06a-b8bf12f7da0@taugh.com>
From: John R Levine <johnl@taugh.com>
To: "Murray S. Kucherawy" <superuser@gmail.com>
Cc: IETF DMARC WG <dmarc@ietf.org>
In-Reply-To: <CAL0qLwZt6GNkDPrme5QuDqRCpZ3Tw5ESNqH_ehOBRT22w02WiQ@mail.gmail.com>
References: <CAL0qLwY5BbwvS9XXqBk=Mp074ntN=NeS97pJAxPBdQEZAsgohg@mail.gmail.com> <20210127203714.007C86CDB9CA@ary.qy> <CAL0qLwbN+HkGfvw79rPPvqL6jWWAsUtWY9X1gW=vAvoeQS8RHg@mail.gmail.com> <526bf4d5-5a7d-5a91-b965-36ffeab933f7@taugh.com> <CAL0qLwb3Z6DbVCvhSF=G6dxjoYwjLvwzbG0OOAUbD=F8H6+wyg@mail.gmail.com> <661b7adf-fcf3-1ada-4b84-cb4ee23a48a@taugh.com> <CAL0qLwZt6GNkDPrme5QuDqRCpZ3Tw5ESNqH_ehOBRT22w02WiQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/sM59lruJ8bJsyt7eqZfCID77tPM>
Subject: Re: [dmarc-ietf] report floods, not Forensic report loops are a problem
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Jan 2021 01:30:11 -0000
> OK, let's hop into your example. I care enough about DMARC to send reports > about it, and I want to send all of my mail aligned. I send a test message > that ends up unaligned somehow, perhaps through a broken relay I don't own, > and I would ideally like to get one message back that tells me that. If I > happen to send my test to a place that unintentionally sends an unaligned > report back to me, perhaps because of the same relay, I'm going to get > flooded, even though my local setup is verifiably correct. And, probably, > so are they. Report floods could be a problem, but they're a general problem that don't have a lot to do with failure loops. I used to get buckets of failure reports about random chinese spam that forged my domains on the From line. It's reasonable to say that reporters should rate limit failure reports to avoid flooding recipients, but that's true no matter who sent the mail being reported. Regards, John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY Please consider the environment before reading this e-mail. https://jl.ly
- [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Steven M Jones
- Re: [dmarc-ietf] Forensic report loops Juri Haberland
- Re: [dmarc-ietf] Forensic report loops Дилян Палаузов
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops John Levine
- Re: [dmarc-ietf] Forensic report loops Kurt Andersen (b)
- Re: [dmarc-ietf] Forensic report loops Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops Douglas Foster
- Re: [dmarc-ietf] Forensic report loops Дилян Палаузов
- Re: [dmarc-ietf] Forensic report loops are not a … John Levine
- Re: [dmarc-ietf] Forensic report loops are not a … Douglas Foster
- Re: [dmarc-ietf] Forensic report loops are not a … Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are not a … John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Juri Haberland
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Steven M Jones
- Re: [dmarc-ietf] Forensic report loops are a prob… Steven M Jones
- Re: [dmarc-ietf] Forensic report loops are a prob… Douglas Foster
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] Forensic report loops are a prob… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Murray S. Kucherawy
- Re: [dmarc-ietf] report floods, not Forensic repo… John R Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Douglas Foster
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John Levine
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John R Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Alessandro Vesely
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Dotzero
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… John Levine
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Dotzero
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] Forensic report loops are a prob… Michael Thomas
- Re: [dmarc-ietf] Forensic report loops are a prob… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… John R Levine
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Douglas Foster
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Michael Thomas
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Seth Blank
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… Alessandro Vesely
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Alessandro Vesely
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Dave Crocker
- Re: [dmarc-ietf] DMARC'ed reports, was Forensic r… Alessandro Vesely
- Re: [dmarc-ietf] Report bombing is a prolem, Fore… John R Levine