Re: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd: Definition of NP

Doug Foster <> Tue, 17 November 2020 14:46 UTC


I did not see a definition of a “non-existent domain” (the np policy).   A definition is needed.


To my thinking, the obvious rule should be to query for an NS record for the domain.  If the record exists, then the domain owner could create a DMARC record for that domain, or could create a default entry for the domain at the organizational level.  If no record exists, it is because the domain owner chose to not create one.


However, the DMARC Bis document conflicts strongly with this.  In section A.4, it suggests several ways to do a test of this type, then repudiates all of them.  NS lookup is not one of the mentioned options.


There is a possible second-level policy test for a “mail-enabled domain”.  I would define that test as “MX record exists or SPF policy exists”.    That could be an additional option to NP, but should not be a replacement for it.


PSD for DMARC clearly intends for the NP policy to be a general solution to a general problem.    If there are still objections to it becoming a general solution, this should be addressed soon.


Doug Foster



From: dmarc [] On Behalf Of Tim Wicinski
Sent: Friday, November 13, 2020 1:42 PM
Subject: [dmarc-ietf] Second WGLC for draft-ietf-dmarc-psd





During the IESG reviews of draft-ietf-dmarc-psd, there were several issues raised with some of the document.   Most of them are editorial but the one big item was the description of the Experiment.   The chairs sat down and broke out the experiment section into three separate experiments, and included language on how to capture the data to confirm how the experiment worked.  


It's enough of a change that we wanted to do a second working group last call to make sure the working group agrees with our changes. The diff of the current version with the previous version is here: <> &url2=draft-ietf-dmarc-psd-09


This starts a *one* week second working group last call for  draft-ietf-dmarc-psd

Please review the changes and offer up comments to the working group.

This working group last call 20 November 2020
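
An added example, not part of the original message or of either draft: it runs the two tests proposed in Doug Foster's message above (NS lookup for existence, "MX record exists or SPF policy exists" for mail-enabled) over a constructed zone and picks the organizational policy tag that would apply. The zone data, the `example.test` names, the helper functions and the np, then sp, then p fallback order are assumptions made for illustration.

```python
# Added example: every record below is constructed sample data, not a real DNS answer.
ZONE = """
example.test.         NS   ns1.example.test.
example.test.         MX   10 mx.example.test.
example.test.         TXT  "v=spf1 mx -all"
_dmarc.example.test.  TXT  "v=DMARC1; p=reject; sp=quarantine; np=reject"
dept.example.test.    NS   ns1.dept.example.test.
news.example.test.    MX   10 mx.example.test.
"""

def load_zone(text):
    """Parse 'name type rdata' lines into {(name, type): [rdata, ...]}."""
    records = {}
    for line in text.strip().splitlines():
        name, rtype, rdata = line.split(None, 2)
        key = (name.rstrip(".").lower(), rtype.upper())
        records.setdefault(key, []).append(rdata.strip().strip('"'))
    return records

def query(records, name, rtype):
    """Stand-in for a resolver call; an empty list models NXDOMAIN or NODATA."""
    return records.get((name.rstrip(".").lower(), rtype), [])

def exists_by_ns(records, name):
    """The message's proposed existence test: an NS record is published at the name."""
    return bool(query(records, name, "NS"))

def mail_enabled(records, name):
    """The message's second-level test: MX record exists or SPF policy exists."""
    has_spf = any(t.lower().startswith("v=spf1") for t in query(records, name, "TXT"))
    return bool(query(records, name, "MX")) or has_spf

def dmarc_tags(records, domain):
    """Return the tag/value pairs of the DMARC record at _dmarc.<domain>, or {}."""
    for txt in query(records, "_dmarc." + domain, "TXT"):
        if txt.replace(" ", "").lower().startswith("v=dmarc1"):
            pairs = (p.split("=", 1) for p in txt.split(";") if "=" in p)
            return {k.strip().lower(): v.strip().lower() for k, v in pairs}
    return {}

def subdomain_policy(records, name, org_domain):
    """Policy for a subdomain with no DMARC record of its own, using the NS test
    to choose between np (non-existent) and sp (existing); both fall back to p."""
    tags = dmarc_tags(records, org_domain)
    order = ["sp", "p"] if exists_by_ns(records, name) else ["np", "sp", "p"]
    return next((tags[t] for t in order if t in tags), "none")

RECORDS = load_zone(ZONE)
```

In this constructed zone `news.example.test` publishes an MX record but no NS record of its own, so the NS test classifies it as non-existent while the mail-enabled test does not.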