[Ietf-dkim] DKIM-Signature: r=y and MLM
Dilyan Palauzov <Dilyan.Palauzov@aegee.org> Sat, 11 August 2018 03:38 UTC
Return-Path: <Dilyan.Palauzov@aegee.org>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C63B130EC8 for <ietf-dkim@ietfa.amsl.com>; Fri, 10 Aug 2018 20:38:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (4096-bit key) header.d=aegee.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U60UHiUE77pI for <ietf-dkim@ietfa.amsl.com>; Fri, 10 Aug 2018 20:38:49 -0700 (PDT)
Received: from mail.aegee.org (mail.aegee.org [144.76.142.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5ED0130EC6 for <Ietf-dkim@ietf.org>; Fri, 10 Aug 2018 20:38:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aegee.org; s=k4096; t=1533958720; i=dkim+sm-localhost@aegee.org; r=y; bh=AU99W+rSfk6UJHkI9TZQHnUoaY/y+vI0Wmfihh7f4mQ=; h=Date:From:To:Subject; b=FbQ17aQI1cVDjwkl665nRV+W2k/6UA9OtRKvW8nj8Gde3CISSmbBJ9K4/je4dB8FT WJHWUUbqPJJWxULu+JF63WQWmHmrnTgbyVFp/5QVv/3SUfL1GQvv0g7n2qz/lLaGTa doWyVbuhaoTdXWb9eOnmOU44xQjkaqfb9XvJJEB5yBnd7pubwtYgpi+mQPhuEG6/YE JszeGhUdtmXNTNw1BJEZ+0BGJy3RDzYNT4Ic8cqBxqh9eXYldna9NG48+Oi7SDm/5B vCyWA6UYVR9SCmVKZ5jrb3T+NC46+gnRGxTeGPo4bnw7vqvAXpQlYtC/YkUuxJxR2r XyQGXBtSKsi8tBJtVibk0PB1pIlPi9aZsMLrnjJLBCXSRbk/JQA5IhkYX3sZ1l1+DE mnP0wh9LlKmBiDBQPw54iD8QYb4JhDTvb+5A6LV650nkavCwlUJotTb36nd1QhLQin i4uXKi54hfNyrFcqEz8gBDmC5SiNieAPUUZ6wUW+dL/y4uvTO9CX4W/UEBqYnrM/Id k+cnDSLgOCy12VX4ouLOOJpwC8dAHgxTVuyDMKlJQKAH1SqX+azl/jLzcKBCLh/lNI RhmSr4pk8qYM1K0H+TgIbvLcLEKFnb6Q065HG0F3uOMp83Rp1RhHhs41xF/3G+jkvQ dxnKd6xILVX3s4r+3wxk/bzc=
Authentication-Results: mail.aegee.org/w7B3ceqL003520; dkim=none
Received: from mail.aegee.org (localhost [127.0.0.1]) by mail.aegee.org (8.15.2/8.15.2) with ESMTP id w7B3ceqL003520 for <Ietf-dkim@ietf.org>; Sat, 11 Aug 2018 03:38:40 GMT
Received: from c-76-102-151-26.hsd1.ca.comcast.net (c-76-102-151-26.hsd1.ca.comcast.net [76.102.151.26]) by webmail.aegee.org (Horde Framework) with HTTPS; Sat, 11 Aug 2018 03:38:40 +0000
Date: Sat, 11 Aug 2018 03:38:40 +0000
Message-ID: <20180811033840.Horde.i6llD-AtvgzyNIjbhTs-nkS@webmail.aegee.org>
From: Dilyan Palauzov <Dilyan.Palauzov@aegee.org>
To: Ietf-dkim@ietf.org
User-Agent: Horde Application Framework 5
Content-Type: text/plain; charset="utf-8"; format="flowed"; DelSp="Yes"
MIME-Version: 1.0
Content-Disposition: inline
X-Virus-Scanned: clamav-milter 0.100.1 at mail.aegee.org
X-Virus-Status: Clean
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/3oN5Lz7s2nRobuMzdVgllZQ46mU>
Subject: [Ietf-dkim] DKIM-Signature: r=y and MLM
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 11 Aug 2018 03:38:51 -0000
Hello, RFC6651 (Extensions to DomainKeys Identified Mail (DKIM) for Failure Reporting) adds to DKIM-Signature the couple r=y - when an existing DKIM-Signature does not validate, the signing server is notified that something went (unintentionally) wrong. The DKIM aggregate reports show whether a server signs correctly all mails or not. If the aggregate reports show that this is sometimes (let's say in 1%) not done correctly, the signer has no way to find for which email the signing has not worked and cannot fix the signing software, unless a report for the failing mail is sent with r=y. RFC6377 (DomainKeys Identified Mail (DKIM) and Mailing Lists) suggests in section 5.7 to remove the invalidated DKIM-Signagures, if the mailing list software has changed the email. I have not read ARC, but I have the impression that it says to keep the invalidated DKIM-Signatures. When an email with DKIM-Signagure: r=y is sent to a mailing list, the email is modified, and a final recipient following r=y sends a report. The problem is that this report is useless and distracting - it does not indicate, that the signer-MTA or validator-MTA are implemented in wrong way. I suggest here in to suggest in a more formal manner, that MLMs modifying a message are supposed to remove the r=y part of just invalidated DKIM-Signature and this logic is also applied for ARC, if relevant (I don't know ARC). Fixing only ARC will not help, as there is software that follows DKIM, but has no idea about ARC. Is such a recommendation a good idea? How to make the recomentation? Amendment to RFC6377, amendment to RFC 6651, something else, that is very short to compose? Regards Dilian
- [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Alessandro Vesely
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Brandon Long
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Alessandro Vesely
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Alessandro Vesely
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Дилян Палаузов
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Hector Santos
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Дилян Палаузов
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Дилян Палаузов
- Re: [Ietf-dkim] [dmarc-ietf] DKIM-Signature: r=y … Hector Santos
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Hector Santos