Re: Enabling DMARC workaround code for all IETF/IRTF mailing lists
Hector Santos <hsantos@isdg.net> Tue, 15 May 2018 13:38 UTC
Return-Path: <hsantos@isdg.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27BC012DA17 for <ietf@ietfa.amsl.com>; Tue, 15 May 2018 06:38:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.208
X-Spam-Level:
X-Spam-Status: No, score=-1.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RDNS_NONE=0.793, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isdg.net header.b=gCuYgkum; dkim=pass (1024-bit key) header.d=beta.winserver.com header.b=rZy8ryt4
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v-2oV9B32ddB for <ietf@ietfa.amsl.com>; Tue, 15 May 2018 06:38:05 -0700 (PDT)
Received: from pop3.winserver.com (unknown [76.245.57.69]) by ietfa.amsl.com (Postfix) with ESMTP id 1100B12D954 for <ietf@ietf.org>; Tue, 15 May 2018 06:38:04 -0700 (PDT)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=1541; t=1526391483; atps=ietf.org; atpsh=sha1; h=Received:Received:Received:Received:Message-ID:Date:From: Organization:To:Subject:List-ID; bh=uhMeMUSCZOthkJ4P5qJ0+2WlqQ0=; b=gCuYgkumzgO7Bs/ZPqPL66p8tbr01oHf5Ehx8oFYw8EJ3uQ4BQQ15xcD/E16Hf 74BKBDyBmWQvdW8nEKoHCO23XhL9PHKj6CXaqq1eM/yQQLPuhN+urLymvusx0Wkm EiygSqfodjHtQDKw4cseU+m8TjrZ8uxzW3BwfsKuTJe8c=
Received: by winserver.com (Wildcat! SMTP Router v7.0.454.6) for ietf@ietf.org; Tue, 15 May 2018 09:38:03 -0400
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from beta.winserver.com ([76.245.57.74]) by winserver.com (Wildcat! SMTP v7.0.454.6) with ESMTP id 3375142259.1.4332; Tue, 15 May 2018 09:38:02 -0400
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=1541; t=1526391000; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=ycFBpop dwyFbabpUmB+vuHJAMPgH1kc9TuWXTmK5G6A=; b=rZy8ryt4E7C7HLhZxEWAFMb Pm7XSKeGj+EZnbWxW4Ykp4yQBiPl1QTAOhZc6LFe42TRTROw/tFAE0eaFEAsb5sB cbA/u1t9eUKjPgaNosqvhwIPdh0aDC00m2lKRq69bgavZkA4x1DmFKBN3ltIYxTG a1QCAJrfbtozpQ4y1m5U=
Received: by beta.winserver.com (Wildcat! SMTP Router v7.0.454.6) for ietf@ietf.org; Tue, 15 May 2018 09:30:00 -0400
Received: from [192.168.1.68] ([99.121.5.8]) by beta.winserver.com (Wildcat! SMTP v7.0.454.6) with ESMTP id 3374939191.9.140628; Tue, 15 May 2018 09:29:59 -0400
Message-ID: <5AFAE2B5.3030206@isdg.net>
Date: Tue, 15 May 2018 09:37:57 -0400
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.8.1
MIME-Version: 1.0
To: ietf@ietf.org
Subject: Re: Enabling DMARC workaround code for all IETF/IRTF mailing lists
References: <919855CA-9F77-420A-8B8F-79174CD2FC19@fastmail.fm> <5849b364-ee61-6c0c-4905-b7bca88d2fd3@tana.it>
In-Reply-To: <5849b364-ee61-6c0c-4905-b7bca88d2fd3@tana.it>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/hU3S3wTtTptv9-0iAJ2KKw3nF7Q>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 May 2018 13:38:07 -0000
On 5/13/2018 7:50 AM, Alessandro Vesely wrote: > Just a couple of notes: > > On Fri 11/May/2018 14:00:15 +0200 Alexey Melnikov wrote: >> >> Below are some technical details on how the email address rewriting workaround is going to work: >> >> Emails from domains that don't have a p=reject DMARC setting are not going to be affected in any way. >> >> For emails from p=reject domains: > > Some put p=reject; pct=0; for the sole purpose of having From: rewritten. The > principle of least surprise would suggest to apply rewriting uniformly. At the very least, we should allow the declaring DMARC domain to dictate/publish his intent specifically using a new tag in the domain record, such as 'rewrite=allowed|1" or something directly specific to this technical protocol intent. I don't think pct=0 was it. It was not documented for such an technical protocol intent so we shouldn't be inventing new meanings of the existing tags. If we going to change code, then leverage the opportunity and use a new specific tag, I don't prefer rewriting at all. Once we "normalized" the 5322.From rewriting, the long time DKIM issues may be finally done with, i.e. ARC is less meaningful but in fact, DKIM itself becomes more meaningless, if not already. The 5322.From is the only required hash binding header for DKIM. Any transformations, including a rewrite with a "X-Original-From" addition, should be reversible and verifiable. We make email more complex by justifying 5322.From rewriting. Thanks -- HLS
- Re: Enabling DMARC workaround code for all IETF/I… Andrew G. Malis
- Re: Enabling DMARC workaround code for all IETF/I… Russ Housley
- Re: Enabling DMARC workaround code for all IETF/I… Andrew G. Malis
- Enabling DMARC workaround code for all IETF/IRTF … Alexey Melnikov
- Re: Enabling DMARC workaround code for all IETF/I… Andrew G. Malis
- Re: Enabling DMARC workaround code for all IETF/I… John C Klensin
- RE: Enabling DMARC workaround code for all IETF/I… MH Michael Hammer (5304)
- RE: Enabling DMARC workaround code for all IETF/I… John C Klensin
- Re: Enabling DMARC workaround code for all IETF/I… Alexey Melnikov
- Re: Enabling DMARC workaround code for all IETF/I… Ted Lemon
- Re: Enabling DMARC workaround code for all IETF/I… Andrew G. Malis
- Re: Enabling DMARC workaround code for all IETF/I… John C Klensin
- Re: Enabling DMARC workaround code for all IETF/I… Spencer Dawkins at IETF
- Re: Enabling DMARC workaround code for all IETF/I… John C Klensin
- Re: Enabling DMARC workaround code for all IETF/I… Viktor Dukhovni
- Re: Enabling DMARC workaround code for all IETF/I… Spencer Dawkins at IETF
- Re: Enabling DMARC workaround code for all IETF/I… John Levine
- Re: Enabling DMARC workaround code for all IETF/I… John C Klensin
- Re: Enabling DMARC workaround code for all IETF/I… Viktor Dukhovni
- Re: Enabling DMARC workaround code for all IETF/I… John Levine
- Re: Enabling DMARC workaround code for all IETF/I… Viktor Dukhovni
- Re: Enabling DMARC workaround code for all IETF/I… Hector Santos
- Integrity of mail systems (was Re: Enabling DMARC… Andrew Sullivan
- Re: Enabling DMARC workaround code for all IETF/I… Alessandro Vesely
- Re: Integrity of mail systems (was Re: Enabling D… John C Klensin
- Re: Integrity of mail systems (was Re: Enabling D… Michael Richardson
- Re: Integrity of mail systems (was Re: Enabling D… Phillip Hallam-Baker
- Re: Enabling DMARC workaround code for all IETF/I… Hector Santos
- Re: Enabling DMARC workaround code for all IETF/I… Brandon Long
- Re: Enabling DMARC workaround code for all IETF/I… Brian E Carpenter
- Re: Enabling DMARC workaround code for all IETF/I… Glen