Re: [Ietf-dkim] DKIM-Signature: r=y and MLM
"Murray S. Kucherawy" <superuser@gmail.com> Sat, 18 August 2018 21:45 UTC
Return-Path: <superuser@gmail.com>
X-Original-To: ietf-dkim@ietfa.amsl.com
Delivered-To: ietf-dkim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6FC59130E06 for <ietf-dkim@ietfa.amsl.com>; Sat, 18 Aug 2018 14:45:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mIHmtLFH6K_E for <ietf-dkim@ietfa.amsl.com>; Sat, 18 Aug 2018 14:45:43 -0700 (PDT)
Received: from mail-lf1-x129.google.com (mail-lf1-x129.google.com [IPv6:2a00:1450:4864:20::129]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 26B32130DE2 for <Ietf-dkim@ietf.org>; Sat, 18 Aug 2018 14:45:43 -0700 (PDT)
Received: by mail-lf1-x129.google.com with SMTP id a134-v6so8282730lfe.6 for <Ietf-dkim@ietf.org>; Sat, 18 Aug 2018 14:45:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=A+5Bud3IKMmr8FOShC26UkoJ54R+SbEwhB4NvSe+izc=; b=smEKKSr5XTufdTD6ZKhZ1tlBXHIs0fgIniaT2JK2SErV3IYJ4G5iQEnqTNFxmxF0cY oRCrYtXe/iCp5xL1i5FjQZEX8J6ICNmgdneOjsT8/ur9AMEiRuqhotaz2TiX6h3El+UK i3sOnj2VDdQGpn+MSANpRQ9q8ztPJsE6QLwzGA+RxbaZy/SJTrl0xf/RF5HZkTCU2BYI is0SoH4YHi1wzC7E8ULXHV562sHFhRVbpBqLji0iTyE/kgpnA9EP6A+r2wA16jiaFL/V yFr2dDl9PrQ6KvZfnBmAQLJYNIosH/pHakxxUasbFSEM4p7jXL4zvYwplAzPKntK/dxh 0JoA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=A+5Bud3IKMmr8FOShC26UkoJ54R+SbEwhB4NvSe+izc=; b=ift0imJTd0ySVXaBuGanc8gRUrHKi9Q5bf6bao+6MKF//w90Mjq8j1l0r+S0WRgqcH 9msw0PpO5+q9aZ5ZSTBJxH4wCKNVPmgvdVV+jW7Tg9896BuIZrlaPgZwcwpIVw1pbQr+ TjTmtCQ8P4QzaewgKRC5IeUYpPKY4SceNUYYS+FM/zQ9fpTLHEZmUiMqye2t2vjABXLm XqCu5rD1g4LQCxGruZFaJeUmYowj+qs47fV5MJtLzu0h6WeDTLFhe8CbEuahnOO5L0gD r3Jka3HlrrSuJaC+xBG0AGcI2mHIFz+m6fI5yAHBHljNKW7gilGNqxO01eVDYhrqFYXm q/7g==
X-Gm-Message-State: AOUpUlFrcFDpvGVUh5G3kP0PAWg0ZqrIdJxNEubu2FKfIUAZM4mL6qQg v4fgo9C1rXgChC98d3Lz2wnGSleW0MT78W4+gLY=
X-Google-Smtp-Source: AA+uWPxQnkDJjmuxazh90X+7rv5jjY/au7ShlOUnzFYPWQPFsZpaaXZ9jqQUtaLq/E4zXxhdZ3xMYw9qmwIH5PTkBuI=
X-Received: by 2002:a19:5353:: with SMTP id h80-v6mr10943679lfb.9.1534628741317; Sat, 18 Aug 2018 14:45:41 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a2e:3a13:0:0:0:0:0 with HTTP; Sat, 18 Aug 2018 14:45:40 -0700 (PDT)
In-Reply-To: <98aff90a-2198-854f-f1e6-85fd704cb7d1@tana.it>
References: <20180811033840.Horde.i6llD-AtvgzyNIjbhTs-nkS@webmail.aegee.org> <98aff90a-2198-854f-f1e6-85fd704cb7d1@tana.it>
From: "Murray S. Kucherawy" <superuser@gmail.com>
Date: Sat, 18 Aug 2018 14:45:40 -0700
Message-ID: <CAL0qLwYBqUGT=xJQzBvHodJdAN1Z4_dPk0toeYHsJ_T-hMzghA@mail.gmail.com>
To: Alessandro Vesely <vesely@tana.it>
Cc: Dilyan Palauzov <Dilyan.Palauzov@aegee.org>, Ietf-dkim@ietf.org
Content-Type: multipart/alternative; boundary="000000000000fd08240573bc98c9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-dkim/s5PStMliR_NIYzzD8DrSYxW3uA0>
Subject: Re: [Ietf-dkim] DKIM-Signature: r=y and MLM
X-BeenThere: ietf-dkim@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: IETF DKIM List <ietf-dkim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-dkim/>
List-Post: <mailto:ietf-dkim@ietf.org>
List-Help: <mailto:ietf-dkim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-dkim>, <mailto:ietf-dkim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Aug 2018 21:45:47 -0000
On Fri, Aug 17, 2018 at 4:15 AM, Alessandro Vesely <vesely@tana.it> wrote: > > The DKIM aggregate reports show whether a server signs correctly all > mails or > > not. If the aggregate reports show that this is sometimes (let's say in > 1%) > > not done correctly, the signer has no way to find for which email the > signing > > has not worked and cannot fix the signing software, unless a report for > the > > failing mail is sent with r=y. > > Well, nope. Aggregate reports belong to DMARC. Consider adding a rua= > address > to your DMARC record. Sometimes aggregate reports allow a postmaster to > pin > which message triggered it. If you also set a ruf= address, you might > receive > ARF reports as well. > +1. > I suggest here in to suggest in a more formal manner, that MLMs modifying > a > > message are supposed to remove the r=y part of just invalidated > DKIM-Signature > > and this logic is also applied for ARC, if relevant (I don't know ARC). > Fixing > > only ARC will not help, as there is software that follows DKIM, but has > no idea > > about ARC. > > AFAIK, ARC is not involved in reporting. My feeling is that the whole > topic > now belongs to DMARC's territory. +1. As for rfc6651, it also specifies how to obtain reports for ADSP, which was > moved to Historical status. Unless your experience testifies to a relevant > community traction, I'd propose rfc6651 be moved to Historical status too, > and > its format description be moved to rfc7489bis, whenever it comes about. > OpenDKIM still implements RFC6651 and finds it useful for debugging problems with new implementations, so at least from that perspective I don't think historical status for it is warranted. If an update is needed to cover the issues raised here, that's possibly worth pursuing. -MSK
- [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Alessandro Vesely
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Murray S. Kucherawy
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Brandon Long
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Alessandro Vesely
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Alessandro Vesely
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Dilyan Palauzov
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Дилян Палаузов
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Hector Santos
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Дилян Палаузов
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Дилян Палаузов
- Re: [Ietf-dkim] [dmarc-ietf] DKIM-Signature: r=y … Hector Santos
- Re: [Ietf-dkim] DKIM-Signature: r=y and MLM Hector Santos