Re: [dmarc-ietf] Ticket #1 - SPF alignment

John R Levine <johnl@taugh.com> Tue, 02 February 2021 19:13 UTC

Return-Path: <johnl@taugh.com>
X-Original-To: dmarc@ietfa.amsl.com
Delivered-To: dmarc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C20083A0DDA for <dmarc@ietfa.amsl.com>; Tue, 2 Feb 2021 11:13:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=e9B5qX5F; dkim=pass (2048-bit key) header.d=taugh.com header.b=G4Kfux66
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JxvQttNEUy96 for <dmarc@ietfa.amsl.com>; Tue, 2 Feb 2021 11:13:44 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AA9883A108F for <dmarc@ietf.org>; Tue, 2 Feb 2021 11:13:44 -0800 (PST)
Received: (qmail 689 invoked from network); 2 Feb 2021 19:13:43 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=2ad.6019a467.k2102; bh=Qhra+OSb9xUTYL4lyiN0U1jPi/CF50IJlJT3U5ErMPw=; b=e9B5qX5F3WNTOKiVgoB7I0fPnZxOTE2TLEoOpfNfvNnVBAoIvzmLIvdxWbe4lVc+N7aaE8rUWE1emCrFK/VgA901mZ6GyX6UNZx9SO9BEKXyHfMcFm7M2YKnHNm6C6ox9QdfrXNN6ZWsAbwfLEhCzxLWWYI0Jnc8v2JP6o5FdG1kDioabc+l0WBUkAWAIkRsC4AvFz/LBOTBIND2xe55AauZtsVcUWp55kN5lWEyCN82rdb78sEQeaLOBzrYw8f9duJ9oZYBWdE4BEqxnAnx52PsxzvNAcHaoY363B9MxLUOy1FsS0HTzJJ2ZTG+w+BPU/FPy6RlKSNaEoIFUqzV4Q==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:references:mime-version:content-type; s=2ad.6019a467.k2102; bh=Qhra+OSb9xUTYL4lyiN0U1jPi/CF50IJlJT3U5ErMPw=; b=G4Kfux66udo9aZM5oAi48S7DvNSUIKjkJllAy0IzblUOitJ9czvBJhzMhmoCGs9x20o3MR07zae9vMHUc3W0slCbepZksWsfNPQOHLLBKqeCCgRIdsRoh2ew+VAW6qj8dJa5rQSYl62sqUHd7fe5wP0HDA8dLMg6ZBIloP2tyVFmiWD7CDnBpbWSe6/saQTSJ7K/Iu6RFZG00JYbIxu3oHTU3hi+nisT3j13MRHJjy4a9F+lz6MdP2dAM3a7gc+kS4CW82tZoZZRXmCcW+ELJDf0JWSnfCAjz5LRb9jukeSDH+LY+4dxGdnLOHEn54KOf6yosdoI4aosHZwr4cOPOQ==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 02 Feb 2021 19:13:42 -0000
Received: by ary.qy (Postfix, from userid 501) id 57E316D2D8D7; Tue, 2 Feb 2021 14:13:42 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by ary.qy (Postfix) with ESMTP id 1A9176D2D8B9; Tue, 2 Feb 2021 14:13:42 -0500 (EST)
Date: 2 Feb 2021 14:13:42 -0500
Message-ID: <18d01d3d-9a22-fe33-fa36-8f3a92cce4@taugh.com>
From: "John R Levine" <johnl@taugh.com>
To: "Alessandro Vesely" <vesely@tana.it>, dmarc@ietf.org
In-Reply-To: <286b8e6c-67b4-2c16-1632-16bf8cd95b78@tana.it>
References: <20210202174909.517906D2C88B@ary.qy> <286b8e6c-67b4-2c16-1632-16bf8cd95b78@tana.it>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/tcb76WmSeFrHGKXrhcX8xsLoMXk>
Subject: Re: [dmarc-ietf] Ticket #1 - SPF alignment
X-BeenThere: dmarc@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Domain-based Message Authentication, Reporting, and Compliance \(DMARC\)" <dmarc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dmarc>, <mailto:dmarc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dmarc/>
List-Post: <mailto:dmarc@ietf.org>
List-Help: <mailto:dmarc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dmarc>, <mailto:dmarc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Feb 2021 19:13:47 -0000

> An SPF library implements the check_host() function.  It's up to the client 
> to call it multiple times.  Is that client DMARC-aware?  As you may have 
> guessed, my question is intended to understand how does a DMARC 
> implementation actually ascertain whether an "spf=pass helo=smtp.example.com" 
> is enough to validate "From: user@example.com"quot;.

I use the opendmarc library and libspf2.  For the SPF check, I give it the 
IP address, the HELO, and the MAIL FROM, and it gives me a result.  I then 
pass that result to the DMARC library along with the DKIM results. 
Looking at the code, I see I tell it whether SPF checked HELO or MAIL FROM 
by simply checking whether MAIL FROM was null, but I don't know what the 
DMARC libary does with that.  Maybe Murray remembers.

There is some commented out code to not pass a HELO result to DMARC, don't 
remember why I turned it off.

Again, I believe this is typical of what DMARC validators do.  It's 
existing practice and I see no reason to change it.  Can we stop now?

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail. https://jl.ly