Re: [dmarc-ietf] DMARC bis: ticket 51: disposition reporting in aggregate reports

Seth Blank <seth@valimail.com> Wed, 30 September 2020 15:39 UTC

To: "Kurt Andersen (b)" <kboth@drkurt.com>
Cc: Dave Crocker <dcrocker@bbiw.net>, "dmarc@ietf.org" <dmarc@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dmarc/wc3hc1bw7IlVYbnN50CUfnMyTJg>

On Wed, Sep 30, 2020 at 8:12 AM Seth Blank <seth@valimail.com> wrote:

> On Wed, Sep 30, 2020 at 8:01 AM Kurt Andersen (b) <kboth@drkurt.com>
> wrote:
>
>> On Tue, Sep 29, 2020 at 3:50 PM Dave Crocker <dhc@dcrocker.net> wrote:
>>
>>> On 9/29/2020 3:08 PM, Seth Blank wrote:
>>> > I don't know of any receiver that checks DMARC, but then doesn't check
>>> > alignment
>>>
>>> It's not a matter of field statistics:
>>>
>>>       Since checking alignment is an obvious part of the DMARC
>>> procedure, if someone does not follow the specification, they are not
>>> doing DMARC.
>>>
>>
>> Does that mean that "none" is not an appropriate verdict?
>>
>
> No, per https://tools.ietf.org/html/rfc7489#appendix-C "none" is the only
> option for when a policy action is not undertaken:
>
>    <!-- The policy actions specified by p and sp in the
>         DMARC record. -->
>    <xs:simpleType name="DispositionType">
>      <xs:restriction base="xs:string">
>        <xs:enumeration value="none"/>
>        <xs:enumeration value="quarantine"/>
>        <xs:enumeration value="reject"/>
>      </xs:restriction>
>    </xs:simpleType>
>
> The point of this thread, and where consensus appears to lie, is adding
> another value to disambiguate the use cases.
>


Hit send too fast; that's only part of the relevant schema. The rest (which
uses the above) is:

   <!-- Taking into account everything else in the record,
        the results of applying DMARC. -->
   <xs:complexType name="PolicyEvaluatedType">
     <xs:sequence>
       <xs:element name="disposition" type="DispositionType"/>
       <xs:element name="dkim" type="DMARCResultType"/>
       <xs:element name="spf" type="DMARCResultType"/>
       <xs:element name="reason" type="PolicyOverrideReason"
                   minOccurs="0" maxOccurs="unbounded"/>
     </xs:sequence>
   </xs:complexType>





-- 

*Seth Blank* | VP, Standards and New Technologies
*e:* seth@valimail.com
*p:* 415.273.8818
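
Added example, not part of the original message or of RFC 7489: a sketch of how a report consumer has to infer what a `disposition` of `none` means from the other `policy_evaluated` fields, since the enumeration quoted above has no separate value for "no policy action taken". The report fragment, the `interpret` function and its labels are constructed for illustration, and the sample omits the XML namespace.

```python
import xml.etree.ElementTree as ET

# Values permitted by DispositionType in the RFC 7489 Appendix C schema.
DISPOSITIONS = {"none", "quarantine", "reject"}

# Constructed sample fragment (placeholder domain and documentation addresses).
SAMPLE_REPORT = """<feedback>
 <policy_published><domain>example.com</domain><p>reject</p></policy_published>
 <record><row><source_ip>192.0.2.1</source_ip><count>5</count><policy_evaluated>
  <disposition>none</disposition><dkim>pass</dkim><spf>fail</spf>
 </policy_evaluated></row></record>
 <record><row><source_ip>192.0.2.2</source_ip><count>2</count><policy_evaluated>
  <disposition>reject</disposition><dkim>fail</dkim><spf>fail</spf>
 </policy_evaluated></row></record>
 <record><row><source_ip>192.0.2.3</source_ip><count>1</count><policy_evaluated>
  <disposition>none</disposition><dkim>fail</dkim><spf>fail</spf>
  <reason><type>mailing_list</type></reason>
 </policy_evaluated></row></record>
 <record><row><source_ip>192.0.2.4</source_ip><count>7</count><policy_evaluated>
  <disposition>none</disposition><dkim>fail</dkim><spf>fail</spf>
 </policy_evaluated></row></record>
</feedback>"""

def interpret(report_xml):
    """Return {source_ip: label} explaining each row's reported disposition."""
    # Real reports are untrusted input; a production parser should be hardened.
    root = ET.fromstring(report_xml)
    published = root.findtext("policy_published/p")
    labels = {}
    for row in root.iter("row"):
        pe = row.find("policy_evaluated")
        disp = pe.findtext("disposition")
        passed = "pass" in (pe.findtext("dkim"), pe.findtext("spf"))
        reasons = [r.findtext("type") for r in pe.findall("reason")]
        if disp not in DISPOSITIONS:
            label = "invalid disposition"
        elif passed:
            label = "dmarc pass"
        elif disp == published:
            label = "published policy applied"
        elif reasons:
            label = "override: " + ",".join(reasons)
        else:
            # DMARC failed, the published policy was not applied, and no
            # reason was given: the disposition alone cannot say why.
            label = "ambiguous"
        labels[row.findtext("source_ip")] = label
    return labels
```

Three of the four sample rows report `none`, and only the neighbouring `dkim`, `spf` and `reason` elements distinguish a DMARC pass from an override from an unexplained non-enforcement.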

