Re: [dmarc-ietf] WGLC editorial review of draft-ietf-dmarc-dmarcbis-30

"Murray S. Kucherawy" <superuser@gmail.com> Sun, 31 March 2024 20:33 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/wVAZI52dKJbAcWmOzEMEFHNWRIM>

On Sun, Mar 31, 2024 at 9:32 AM Alessandro Vesely <vesely@tana.it> wrote:

> On Sun 31/Mar/2024 14:22:04 +0200 Douglas Foster wrote:
> > On SPF, our document should say simply,
> > "a DMARC-compliant evaluator MUST NOT reject a message, based on SPF result,
> > prior to receiving the Data section and checking for aligned and verifiable
> > signatures."
>
> Nonsense.  Rejecting at RCPT TO is much quicker than waiting for the whole
> message.  People who publish -all know what they do.
>

Of course it is, but it prevents DKIM signatures from being tested, and
hence DMARC from being evaluated.  Maybe that's what you want, but maybe
it's not what everyone wants.


> I also reject based on RBLs and private IP lists; does that affect DMARC
> compliance?
>

I might argue that you can't possibly claim DMARC compliance if you're not
even getting far enough to execute its algorithm.

-MSK, p11g
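
The trade-off discussed in this thread, as an added example that is not part of the original message: a simplified receiver model showing that a message rejected on SPF fail at RCPT TO never reaches DKIM or DMARC evaluation. The `Message` fields, the `receive` function, the two-label `org_domain` shortcut and the sample messages are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Message:
    # Constructed sample fields, not taken from any real message.
    mail_from_domain: str     # RFC5321.MailFrom domain, known at MAIL FROM / RCPT TO
    spf_result: str           # "pass", "fail", "softfail", "none", ...
    header_from_domain: str   # RFC5322.From domain, known only after DATA
    dkim_pass_domains: tuple  # d= domains of signatures that verified, after DATA

def org_domain(domain):
    # Assumption: organizational domain = last two labels.
    # Real evaluators use a public suffix list or a DNS tree walk.
    return ".".join(domain.lower().split(".")[-2:])

def aligned(a, b):
    # Relaxed alignment: both names share an organizational domain.
    return org_domain(a) == org_domain(b)

def dmarc_pass(msg):
    # DMARC passes when either mechanism passes with an aligned identifier.
    spf_ok = (msg.spf_result == "pass"
              and aligned(msg.mail_from_domain, msg.header_from_domain))
    dkim_ok = any(aligned(d, msg.header_from_domain)
                  for d in msg.dkim_pass_domains)
    return spf_ok or dkim_ok

def receive(msg, reject_spf_fail_at_rcpt):
    """Return (stage, outcome, dmarc_result).

    dmarc_result is None when the session ended before DMARC could run.
    """
    if reject_spf_fail_at_rcpt and msg.spf_result == "fail":
        # No DATA yet: no header From, no DKIM signatures to test.
        return ("RCPT TO", "reject", None)
    result = "pass" if dmarc_pass(msg) else "fail"
    # On DMARC fail the domain owner's published policy decides disposition.
    return ("DATA", "accept" if result == "pass" else "apply-policy", result)

# Constructed case: relayed mail whose sending IP is not covered by the
# domain's SPF record, but whose aligned DKIM signature still verifies.
FORWARDED = Message("example.org", "fail", "example.org", ("example.org",))
# Constructed case: SPF fail and no valid aligned signature.
UNSIGNED = Message("example.org", "fail", "example.org", ())

if __name__ == "__main__":
    for early in (True, False):
        print(early, receive(FORWARDED, early), receive(UNSIGNED, early))
```

With early rejection enabled both sample messages are refused at RCPT TO with no DMARC result; with it disabled, only the unsigned one fails DMARC.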