Re: [dmarc-ietf] Ticket #39 - remove p=quarantine

Todd Herr <todd.herr@valimail.com> Thu, 03 December 2020 14:22 UTC

Return-Path: <todd.herr@valimail.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE2843A0F02 for <dmarc@ietfa.amsl.com>; Thu, 3 Dec 2020 06:22:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=valimail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M8LF6x57Bn34 for <dmarc@ietfa.amsl.com>; Thu, 3 Dec 2020 06:22:08 -0800 (PST)
Received: from mail-qv1-xf2e.google.com (mail-qv1-xf2e.google.com [IPv6:2607:f8b0:4864:20::f2e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 925A03A0F0A for <dmarc@ietf.org>; Thu, 3 Dec 2020 06:22:01 -0800 (PST)
Received: by mail-qv1-xf2e.google.com with SMTP id 4so992996qvh.1 for <dmarc@ietf.org>; Thu, 03 Dec 2020 06:22:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=valimail.com; s=google2048; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=bY5rbHZIrkF1UsCqxMA9KgmHhKFkcK77ZUVvIoqVXYA=; b=MeObyLkKhEU0eJSPmCWpU3l4aIrv2h4xrIemE7VYxCDyxERQ2hwS7AqgAXveDt46uV hic3HiiKKCocay7kQVetikROXP/15SU+PY7rooKeis05nN42gjQdt2T9OwMpmqH9shAE 5QlRd9NwKVhe7tfKBHvrDZIKSs/4ysOj/9FZoZhtC8sHORDFpWPmg38+pV1+mBjklkEs +XR/MgjMAu1mQXdZAZZ/AtmQ19L9wG9jhN5Fyl8+sXCA6AKxzkggDO+JDQ4god2NoLAH qW4QzbjXQ55bGtmQlO8Mt9KXwcYYBD+189OY2z8K4VvyOZzP5B5G8QzlPTXj4S9kmKty B3KQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=bY5rbHZIrkF1UsCqxMA9KgmHhKFkcK77ZUVvIoqVXYA=; b=PNrEo7nXR3blynJwhYLxznfnbiPvLPW9gF8rwjbGWzrFpY3841FX8JKJtH9GwKVA1T Dnso/N5GXubxTNZ5pRSHEPluA65aj/0OieY67Ry7KJGxTRhmFbQI+Zyk7+tLG2Q0zYMq QbIyhHZx6S2iOr4tXTjxLw18TPuht29LbvTOi5NVdNDVCzXqTgB8vs7XjP4kWAKyz0wK WqBgPnxn17xOQ8KWGBG6ImMroHDFORzKMflktzBjcpRBCbDtHDZfLIjiJHivDnmunDPg d0HKWna05BXPHv928XWGLqg1sbO8dEWg61hYmtiU7MrHboCEpA2gnnVZjMM77BwAK6c3 eHUQ==
X-Gm-Message-State: AOAM530JIhqF65rjMNaFCA52gHKP6LFUMlu+6hkt2LtneO6VdF3LijsE oVXZV7+Y4+1C/axm1LtSIaKU+lxWKAoIgTzLJkilcSQBZ+I=
X-Google-Smtp-Source: ABdhPJzDomNdQonzYXduegcNYZA7DW4HOsIt5o2haI/3pWJ7fmapLYxnEsBlp2TlX+xQnfFo7layM7v+JQ+2TMsDvbE=
X-Received: by 2002:a0c:db11:: with SMTP id d17mr3259451qvk.39.1607005320323; Thu, 03 Dec 2020 06:22:00 -0800 (PST)
MIME-Version: 1.0
References: <a49a7a79-6c52-ded7-60a3-754cd12fb7c3@taugh.com> <5C559553-3F45-494D-9714-F7BC47BB82FF@wordtothewise.com> <B3AD64BB-1636-4632-ABB5-96E675CDC5F1@bluepopcorn.net> <2F1BED43-5AE5-42BC-AA45-67C5FDAF6CB8@wordtothewise.com>
In-Reply-To: <2F1BED43-5AE5-42BC-AA45-67C5FDAF6CB8@wordtothewise.com>
From: Todd Herr <todd.herr@valimail.com>
Date: Thu, 3 Dec 2020 09:21:44 -0500
Message-ID: <CAHej_8=qwDDYA3i9tb_t-EjtJXabq1X_pstRpuAp_wwgFUcHDA@mail.gmail.com>
To: IETF DMARC WG <dmarc@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000453ccd05b59015e0"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/sfut2M4gsNZ1AvphKRCMZPEPvzc>
Subject: Re: [dmarc-ietf] Ticket #39 - remove p=quarantine
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Dec 2020 14:22:18 -0000

On Thu, Dec 3, 2020 at 4:28 AM Laura Atkins <laura@wordtothewise.com> wrote:

>
>
> On 3 Dec 2020, at 06:03, Jim Fenton <fenton@bluepopcorn.net> wrote:
>
> On 2 Dec 2020, at 1:47, Laura Atkins wrote:
>
> p=quarantine is quite useful, particularly for those folks who are trying
> to get to a p=reject state.
>
> In practice, senders who publish p=none don’t find all of the indirect
> mail flows as some mailing lists do nothing to transform the 5322.from
> address for a p=none policy. Senders have found that when they switch from
> p=none to p=quarantine pct=0 they regularly find mail that was not failing
> for a p=none.
>
>
> I’m really confused by this. It sounds like the 5322.from address
> rewriting is creating additional errors that didn’t exist beforehand, and
> that’s the opposite of the intended purpose. Isn’t the purpose of rewriting
> the 5322.from address to change the domain to that of the mediator, which
> should redirect reporting to the mediator rather than the original sender?
>
>
> What I am trying to say is that as I understand it from the folks who
> professionally deploy DMARC, they regularly use p=quarantine pct=0 as part
> of the deployment process. There are DMARC failures that go undetected in a
> p=none situation but that is detected in a p=quarantine  pct=0 situation.
> My understanding was this was related to indirect flows through mailing
> lists and how mailing lists are handling the header transformation but it’s
> possible I got that piece incorrect.
>
>
Time was (and may still be) that there was a very specific type of mailing
list for which p=quarantine, pct=0 was required to get accurate DMARC
reporting, and that was for mail that transited Google groups. There've
been a couple of public discussions of the topic over on mailop, including
a thread from April 2018 with the subject of "DMARC p=quarantine pct=0".


-- 

*Todd Herr* | Sr. Technical Program Manager
*e:* todd.herr@valimail.com
*p:* 703.220.4153


This email and all data transmitted with it contains confidential and/or
proprietary information intended solely for the use of individual(s)
authorized to receive it. If you are not an intended and authorized
recipient you are hereby notified of any use, disclosure, copying or
distribution of the information included in this transmission is prohibited
and may be unlawful. Please immediately notify the sender by replying to
this email and then delete it from your system.