Re: [dmarc-ietf] Suggestion: can we test DEMARC deployment with a mailing list?

Hector Santos <hsantos@isdg.net> Wed, 07 May 2014 12:10 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 826471A0226 for <ietf@ietfa.amsl.com>; Wed, 7 May 2014 05:10:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.401
X-Spam-Level:
X-Spam-Status: No, score=-101.401 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, J_CHICKENPOX_16=0.6, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9B61oMg9Sgrq for <ietf@ietfa.amsl.com>; Wed, 7 May 2014 05:10:09 -0700 (PDT)
Received: from pop3.winserver.com (winserver.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 0846D1A01D4 for <ietf@ietf.org>; Wed, 7 May 2014 05:10:08 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=998; t=1399464602; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=D335Xkah80U2Tsx0lGFXiQXwu70=; b=YYOxkxh4eSEwOHM8DqTQ wHOGz5v4YaXbUf1TwIXUwt3ME0Icz2MbFS8Nrk5nZPwbeqW15LkGLbOU0Tlj5DMo EV9XxvUN/SwkgLvaPVkE7HgoQhGQWXr8W90pjUdK+VDq6vEiYUcA6cSj3Dwq06Mg NBAKMl89tk0OU6+uvlkuKwY=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Wed, 07 May 2014 08:10:02 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from hector.wildcatblog.com (opensite.winserver.com [208.247.131.23]) by winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 2573158257.2913.3160; Wed, 07 May 2014 08:10:02 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=998; t=1399464497; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=OzRDxNg I7RYpVRf/XGUBjVhjnEEhRbAxlbjpLS9safw=; b=IX0YaTrc7Hr1oAsylNDEZOL /Ds0v9v3wqiQgpWg1dCmQSJshKGN84+xhkaKvFMi0epojZ8PGY1vStnEE9L4/eIp PBCIscrnGAQU2p8ojt36vn0p4hS+dsMDictPLsRpsqffygjoKpLCTmxUjWQWYg1A 4IgAwQfDELy+tgZZBZ6E=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.4) for ietf@ietf.org; Wed, 07 May 2014 08:08:17 -0400
Received: from [192.168.1.2] ([99.121.4.27]) by beta.winserver.com (Wildcat! SMTP v7.0.454.4) with ESMTP id 2592673234.9.14640; Wed, 07 May 2014 08:08:16 -0400
Message-ID: <536A2299.9050707@isdg.net>
Date: Wed, 07 May 2014 08:10:01 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: [dmarc-ietf] Suggestion: can we test DEMARC deployment with a mailing list?
References: <28671EE8-A8B9-40D1-9268-527A8FFC34AD@cisco.com> <53682B10.2070000@meetinghouse.net> <1BB8A9AB-C7C1-4959-B8C2-C649AB4EA19D@cisco.com> <53682C4B.80301@meetinghouse.net> <C92FEFD4-06B7-48CD-A1F3-CF6F3DB259DE@cisco.com> <536906F2.3060008@dcrocker.net> <01P7I8FAW2JY000052@mauve.mrochek.com> <536A1D80.6060309@isdg.net>
In-Reply-To: <536A1D80.6060309@isdg.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf/TtayctoBR2vt7He-hb9_IsuQCa4
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 May 2014 12:10:10 -0000

On 5/7/2014 7:48 AM, Hector Santos wrote:

>> I haven't had time to do a careful review of the DMARC specification,
>> but I do note one obvious omission: Wouldn't it have been helpful to define
>> an enhanced status code for a p=reject failure which mailing lists
>> could detect and take appropriate action, i.e. counting this as a failure
>> of the sender,  not the recipient?
>
> That was part of the discussions. But for backward compatibility, a
> ACCEPT and DISCARD could be a deployment optional alternative to a
> reject action.

Sorry, it wasn't part of the DMARC discussion but it was discussed 
with with SSP and ADSP. See RFC6377 "DKIM and Mailing Lists".

With ADSP "dkim=discardable" policy, the deployed SMTP server could 
process it at DATA and reject it as a 550 rather than do ACCEPT and 
DISCARD. A reject mode would cause a list sender problem.

With DMARC "p=reject" policy, it would the opposite semantics to offer 
the reject as a accept/discard.

-- 
HLS