IETF Logo Mail Archive

Re: [marf] Change request for AS, was Working Group Last Call on draft-ietf-marf-as-05

Steve Atkins <steve@wordtothewise.com> Sun, 05 February 2012 08:06 UTC

Return-Path: <steve@wordtothewise.com>
X-Original-To: marf@ietfa.amsl.com
Delivered-To: marf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C2A221F854F for <marf@ietfa.amsl.com>; Sun, 5 Feb 2012 00:06:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5YV07QKx7GwW for <marf@ietfa.amsl.com>; Sun, 5 Feb 2012 00:06:51 -0800 (PST)
Received: from m.wordtothewise.com (misc.wordtothewise.com [184.105.179.154]) by ietfa.amsl.com (Postfix) with ESMTP id A4BBB21F854E for <marf@ietf.org>; Sun, 5 Feb 2012 00:06:51 -0800 (PST)
Received: from platter.wordtothewise.com (204.11.227.194.static.etheric.net [204.11.227.194]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: steve) by m.wordtothewise.com (Postfix) with ESMTPSA id 3925B2E192 for <marf@ietf.org>; Sun, 5 Feb 2012 00:06:51 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Apple Message framework v1257)
From: Steve Atkins <steve@wordtothewise.com>
In-Reply-To: <F5833273385BB34F99288B3648C4F06F19C9A7DBD0@EXCH-C2.corp.cloudmark.com>
Date: Sun, 05 Feb 2012 00:06:50 -0800
Content-Transfer-Encoding: quoted-printable
Message-Id: <2A6B561A-FFD5-4B87-A5F2-CC157EFFA08A@wordtothewise.com>
References: <CAC4RtVAPvJcQqMansbJpXnLWD_ajc67bo5JXQ4pRy212u0Z=XQ@mail.gmail.com> <CAC4RtVCO=+UfZWY6qXi-fvLPzONcGC5=8mppRMTWk7vPR-k7JA@mail.gmail.com> <4F291ECD.9040308@tana.it> <4F2AD991.8050508@tana.it> <F5833273385BB34F99288B3648C4F06F19C9A7DBCE@EXCH-C2.corp.cloudmark.com> <48E6B374-95D2-4BC9-8794-50465B6455A2@wordtothewise.com> <F5833273385BB34F99288B3648C4F06F19C9A7DBD0@EXCH-C2.corp.cloudmark.com>
To: Message Abuse Report Format working group <marf@ietf.org>
X-Mailer: Apple Mail (2.1257)
Subject: Re: [marf] Change request for AS, was Working Group Last Call on draft-ietf-marf-as-05
X-BeenThere: marf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Message Abuse Report Format working group discussion list <marf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/marf>, <mailto:marf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/marf>
List-Post: <mailto:marf@ietf.org>
List-Help: <mailto:marf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/marf>, <mailto:marf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2012 08:06:52 -0000

On Feb 4, 2012, at 11:27 PM, Murray S. Kucherawy wrote:

>> Is the thought to add them to the AS document as a section on how to
>> craft and send an ARF message that's being used for SPF or DKIM failure
>> feedback? Or as something that's more generally applicable to all ARF
>> usage? Or something in-between - FBL best practices, say?
>> 
>> (Also, if we're going to do that, should we reference 3834 - Auto-
>> Submitted and all that - as well / instead?)
>> 
>> It does seem to make more sense to have them both referencing a base
>> "reporting auth failures" document that covers the common requirements
>> rather than referencing each other, whether that base doc is draft-
>> ietf-marf-as or not.
> 
> It seems to me what's in Section 6 is good advice for any ARF generation case.

6.3 isn't bad advice, but the justification of some of it is rather specific to authentication failure reporting. Do we want to mandate that anyone sending ARF reports of any sort MUST also publish SPF records or send them with a NULL envelope sender? That requirement isn't unreasonable in the case where you're talking about reports sent in response to an authentication failure, where avoiding an authentication failure in response to a report of authentication failure is a reasonably belt-and-braces way to help avoid a mail loop - but beyond that narrow scope it seems a bit of a reach. There are people who consider SPF irrecoverably broken, yet still offer feedback loops.

> What's in DKIM reporting's 8.4-8.6 would go under a section that talks about any kind of automated reporting, with authentication failure reporting as the prime example.  

Some of it is specific to authentication failure reporting. As for the rest of it, are they security concerns that should be discussed in marf-as regardless of whether the DKIM/SPF docs want to reference them? I'm thinking yes.

And (I'm going to regret asking this, I'm sure) where does draft-ietf-marf-authfailure come into this? It has much the same security statements and is already referenced by the SPF and DKIM failure drafts, I think.

> The two reporting drafts would then reference the AS instead of including those sections themselves, and the AS could reference them as use cases.  That would turn them into a document cluster, but that's not a big deal; it just means they are published simultaneously with sequential RFC numbers.

Cheers,
  Steve

v2.23.0 | Report a Bug | By Email