IETF Logo Mail Archive

Re: [Tools-discuss] SPF rejection of mail to chairs

Jim Fenton <fenton@bluepopcorn.net> Thu, 27 February 2020 21:20 UTC

Return-Path: <fenton@bluepopcorn.net>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C82133A0C30 for <tools-discuss@ietfa.amsl.com>; Thu, 27 Feb 2020 13:20:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=bluepopcorn.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zLkPX6LJ7B8X for <tools-discuss@ietfa.amsl.com>; Thu, 27 Feb 2020 13:20:13 -0800 (PST)
Received: from v2.bluepopcorn.net (v2.bluepopcorn.net [IPv6:2607:f2f8:a994::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 296A23A0C2F for <tools-discuss@ietf.org>; Thu, 27 Feb 2020 13:20:12 -0800 (PST)
Received: from steel.local (sfosf0017s350801.wiline.com [64.71.6.2] (may be forged)) (authenticated bits=0) by v2.bluepopcorn.net (8.14.4/8.14.4/Debian-8+deb8u2) with ESMTP id 01RLK943014574 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 27 Feb 2020 13:20:10 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bluepopcorn.net; s=supersize; t=1582838412; bh=aQaMvYxchwskqZDyBoRoeRnH1X+9L641iYKS/9qBPOw=; h=Subject:To:Cc:References:From:Date:In-Reply-To; b=RVzB8Iedgv8zic1hN+cV9jJQyXqCApXdNLH3ZIJdpV6xdUvYSGE6AoP+MyMxbcVVt pJZjsmZb1gUBC95Lw4IvBREf5+xz3zruS0Tls9Q4hOndIocugz7I9cKnAiVFKfREto vhb1Xd2v/l+O9zBZvwi7b8nW5cJTZsMP55xtBC8E=
To: Carsten Bormann <cabo@tzi.org>, Robert Sparks <rjsparks@nostrum.com>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, tools-discuss@ietf.org
References: <RT-Ticket-282330@www.ietf.org/rt> <20191121040335.A47AD120944@ietfa.amsl.com> <253406B7-7911-4971-9ED5-D836606D3B6A@tzi.org> <rt-4.4.2-17081-1574310971-201.282330-4-0@www.ietf.org/rt> <CABL0ig51Bfs5w94vnZnTBQaQ+mC5+Vjett61Cs1d0sc_DpFsXA@mail.gmail.com> <9898.1574329972@dooku.sandelman.ca> <A7C5D382-FDE4-4EB7-9463-FB2E0884920C@tzi.org> <96dbab15-2b11-4114-8ad0-690047430d68@nostrum.com> <DB2BE9AA-1018-44B0-B926-AF27427B4577@tzi.org> <0C8935E8-7693-4FAE-85DF-33408D297F15@tzi.org> <7f34680e-4fe8-cf17-a0e9-d3696d509a6f@nostrum.com> <73AA0A63-585C-4612-9995-D9CAF79F79FD@tzi.org>
From: Jim Fenton <fenton@bluepopcorn.net>
Autocrypt: addr=fenton@bluepopcorn.net; prefer-encrypt=mutual; keydata= mQINBFJNz0MBEADME6UoNSsTvSDJOdzL4yWfH4HTTOOZZPUcM/at38j4joeBb2PdatlwCBtk 9ZjupxFK+Qh5NZC19Oa6CHo0vlqw7V1hx1MUhmSPbzKRcNFhJu0KcQdniI8qmsqoG50IELXN BPI5OEZ3chYHpoXXi2+VCkjXJyeoqRNwNdv6QPGg6O1FMbB+AcIZj3x5U18LnJnXv1i+1vBq CxbMP43VmryPf8BLufcEciXpMEHydHbrEBZb/r7SBkUhdQXjxRNcWOLeYvOVUOOrr1c+jvqm DEbTWUJVRnUro/WpZQBffFnymR0jjkdAa8eOVl/nF2oMLbaBsOMvxCRSSEcGhuqwbEappNVT 1nuBTbkJT/GGcXxc+lEx9uNj86oYC4384VZJMTd1BRI4qPXImNZCIdmpKegK743B6xxN6Qh1 Tg167pn9429JENQE/AFIVX5B/gpsg7Aq+3rmz9H6GbfovPvFV3TBTgsHCHAMC8XU+S4fhcqN PN0lbUeyb7g6wxaE+dYqC7TExx7G3prw4v66y0qS7ow/Cfw8XXOEkaFQ4XwP7nvfILT+9CcU yS8I40vlDFU9Wnt56CbGz0ZVQgHnwyPXL+S9kCcIwRLFx1M79s6T6qwX1TXadfpbi1uIw7XG TiPDT8Pk6i2y22oSSROyYD4D+wOhVkkvO0S8iZ3+LhAYUx86nwARAQABtCNKaW0gRmVudG9u IDxmZW50b25AYmx1ZXBvcGNvcm4ubmV0PokCVQQTAQIAPwIbAwYLCQgHAwIGFQgCCQoLBBYC AwECHgECF4AWIQS1nUkJe2fEXbvBaacbJaiwFdCfvgUCXVD9ggUJDORhvgAKCRAbJaiwFdCf vgiSEACd3Nem63zL2C6daCFfRzOANkf30Q8AvaRVwhfdFxs+5vETCzbqctrtIAHeqncXjm9G uEJWxecAiHZXKoWUEFECMp3+Saznw0np+c722M4k9xI+mxqbcE0qgpYQgA8zbS/Lbds3f/bk /00jrQg4VMkumONlh+RZVwxAsnWp8efrJsNTn0QOPZavAkPEN59wfyWQ3O4pNY8i3zum8Wge 8NS4BBMyG0fmjWgUq0K2QrTD4AKBslM2IWCLECypP1AOfHKmmTACKFOnzJJ4KspUw3hdBnS1 fvudUC8u26Q3T6rHosRqxGmgW7sQWwAusgMSa/A6zxR6soEBSsMT5Tf+VHebuz1FWE4ogrvJ InvewfYSCYzOQamYYGArcBtAzU00pUzW2Or7SlwZPHHy2EfMd0zvT7mwSYLwwwcCsWc1O/CI xHGea7PBgO3TdR0Ex254yc+NTyxF3isBC/fodF9aNWF6x6SV3VKYJ3U2uqS9ga85dZz8Qeps MwlSEGRVhVVWGbSxy0GxV5Up0yX4vl0kI0c7Tt57JCOoRBpn/lTK/7IEtZK6/uiw98KCy+BM uF7HPsgXjd/AQjSsZIJgDyVY/y7niduqhW2izNEdhV77htVbKHRf2SfJQNudWOIcOhUTlddH kOSjet+MDso61JxrFV4j/8wFno7NwpPIhD//HvKAiLkCDQRSTc9DARAAwZaXYs3OzGlpqvSH 3HR9GjSzIeP0EmsBCjpfIdZbQBwQ3ZREiMGInNxV+xkdjLDg0ctrWzUCUe3plWe5NJkpjqm+ KMc7GKhyeWJ5MZRtVrh0VpFTqi8UwYPWumAYqE1y/U1me/zHpfG9EDwdSYqMkPF76Fy5W+vh ZP2ILKaY8qWSLyH8TPl5mFGBypfT8Q6UuzlRs2aTbsTtBX/qwH7gztMRJSjQtYo20AqCgBBH IA/0xV5qDH7CVYyKyPQ4tJLQ8/xyTysUS5fewrj8lZo/G9SaNtC3CEvrJYwyA0nvYB6+hJPM qMP/tyRXM/9XY3qO4Vxuc+m5fYbTZa5GYAZNNuB5dvqI1U0sFTWBEbpAeabqCQ40ZnFSj+t1 tBuwfj4ey/oJ78WRyg5+VTvPKRRubOmZcnzj5yfTS3VGxAZb4Nsj1S2f3KLP0Z+Cv4dt893I 2JWTChw7jA1omF0QTQaBq140n084PFndBHudrZ3cz+APC89iie2HQ4jGQldXZXnGySHnHlA+ WUyZ9wgOplW9F4Q/Lps1bnuh5VttPVpNfjX8hiV48al+b+ut4nfzXAripIRWF3TL72/6JqgE KNhRKyRn0S6BidieSyHWzqJR3Roi/YNTvyXyLh6i6jtByb3FbnhYf/9olobDpj0E+kTemLrw owre85gwupSphqlzVSUAEQEAAYkCPAQYAQIAJgIbDBYhBLWdSQl7Z8Rdu8FppxslqLAV0J++ BQJdUP9SBQkM5GOPAAoJEBslqLAV0J++vZoP/1shJ+5iImGzvGUTTDJcAX6Wha+22QP0G51Z QGZbeB0gE+gDmRwd2yw0cO3y1sPoTJliUSuZ3DFIjv8CLBgDlrkUnijBWbi5YznsAZkH0vKG ESGzinJC6y/Nzf2TZokKiOaYrTYcZx8x2wxjNO+zsihm/rvhV/YnHEYd9dlV/MjAL3xtHU/9 fNcTDtF3RchADyVCxlqrRUkFj61dHxU+U5JRftyIliLltsy2Nlr4uAsxNX+tpAH2D2HLmjwx bV2fpTnFCVImtuo6ZqNZ8SMk1Xq0fBBdo3acBw42kL/qGIKS9x3NWEy8vsmQXn0QqNBd1Q62 9ghm82mHMTRKnOXqkMgICpZ0HffPf3p7zMkEqWptgEHxE6ZHm9hJMGEf8RED9DCYh+N1uFaM 7ndQPPFKlj80sGmNF9+01mO53hrxeL/WAdGox/STpTb2BDpiyrLdT/2R0vJNEfMxBBYlw1gc g8mPEwHwZ940/qql7e41TkDGUZa2a1WegKLj8hK1pgDDBptcdIvlvuk284jOZ2/jDyaBDsMf 310OoJchJ3977odtSCArybQIwMjTx0rv6dqjsuqP89jqlrGV6izqf1n4p4FNrBSWOSRGaoWD JJVHL4YUhP44G5xDBCtp3TqatLa5F2Rgxj50EFIzOuu9Pg1tBCPP1G+0EiikVTdDkC63X4RG
Message-ID: <36ad6759-0bce-ad05-d42c-abdd2083781c@bluepopcorn.net>
Date: Thu, 27 Feb 2020 13:20:04 -0800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:68.0) Gecko/20100101 Thunderbird/68.5.0
MIME-Version: 1.0
In-Reply-To: <73AA0A63-585C-4612-9995-D9CAF79F79FD@tzi.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/q1Wkb-40m45I17jtzo693XeT2Ps>
Subject: Re: [Tools-discuss] SPF rejection of mail to chairs
X-BeenThere: tools-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tools-discuss>, <mailto:tools-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss/>
List-Post: <mailto:tools-discuss@ietf.org>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tools-discuss>, <mailto:tools-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2020 21:20:16 -0000

To clarify, we're really talking about DMARC rejection rather than SPF
rejection, correct? SPF does have a "hardfail" policy, but just about
nobody actually rejects mail because the problems with doing that are
fairly obvious. DMARC's "reject" policy ((DKIM or SPF) and binding to
From address) and the problems with it are harder to understand. But
there are a lot of industry people pushing DMARC, so some large domains
are enforcing it even though it's an Informational RFC.

-Jim

On 2/27/20 11:55 AM, Carsten Bormann wrote:
> Hi Robert,
>
> thanks for replying.  Certainly keeping the system running is more urgent than solving this particular problem.
>
> I’m looking forward to the March 11 briefing; I hope I can make it (it’s going to be 21:00 here).  I particularly like that you plan to discuss monitoring and knowing whether user-visible features actually work; my favorite way of improving service quality further.  Let me hint that I’ll be bringing up performance (response time) monitoring in that vein.
>
> And I hope we can talk in Vancouver despite the current troubles…
>
> Grüße, Carsten
>
>
>> On 2020-02-27, at 20:44, Robert Sparks <rjsparks@nostrum.com> wrote:
>>
>> Hi Carsten -
>>
>> The situation hasn't changed so far. Our efforts the last few weeks have been focused on the server replacement and finalizing the python2/3 transitions. I expect we will get to spend some time talking about changing the behavior of the draft and chair aliases while we're in Vancouver.
>>
>> I understand your point about not having a place to go to follow the status things like this, and am looking for ways to better provide that.
>>
>> RjS
>>
>> On 2/26/20 11:18 AM, Carsten Bormann wrote:
>>> Generic, undirected PING…
>>>
>>> Grüße, Carsten
>>>
>>>
>>>> On 2019-12-20, at 18:33, Carsten Bormann <cabo@tzi.org> wrote:
>>>>
>>>> Hi Robert,
>>>>
>>>>> On Dec 20, 2019, at 17:16, Robert Sparks <rjsparks@nostrum.com> wrote:
>>>>>
>>>>> Hi Carsten -
>>>>>
>>>>> We're aware of this problem. Unfortunately there is not any quick fix for it.
>>>>>
>>>>> The path through the mail processing chain for the aliases is very different than the path for the mailing lists, and the way we are applying the current workaround isn't applicable there.
>>>> I suspected so.
>>>>
>>>> A lot of our processes are set up to make use of the aliases, so in the end this creates  (hidden-terminal like) problems for these as well.
>>>>
>>>> I’m not sure the majority of mail servers are set up to report SPF failures as delivery status, so I’m not even sure I know the extent of this problem.  (So far, I have often resorted to the explanation that some people are too lazy to read my mail, but maybe SPF vs. forwarding is the real problem.)
>>>>
>>>>> We are discussing what we can do instead.
>>>> I wonder if there is a way to stay informed about the progress of issues like this (that are not naturally rooted in the issue tracker of some piece of software).  I mostly brought this up again on the list because I have no visibility.
>>>>
>>>> (I also need a better workaround.  I wonder if I need to move to sending IETF mail from a mail account with a ~all SPF setting, like it’s 2014 again…  Maybe I can just manually set my From address to cabo=40tzi.org@dmarc.ietf.org?)
>>>>
>>>> Grüße, Carsten
>>>>
>>>> [1]: https://en.wikipedia.org/wiki/Hidden_node_problem
>>>>
>>>>> RjS
>>>>>
>>>>> On 12/20/19 1:14 AM, Carsten Bormann wrote:
>>>>>> On Nov 21, 2019, at 10:52, Michael Richardson <mcr+ietf@sandelman.ca> wrote:
>>>>>>>> Is there a need for the DMARC hack for the chair aliases, too?
>>>>>>> Oh crap, yes we do.
>>>>>>> and on all of the Internet-draft author lists.
>>>>>> Just fell into the trap again (on a draft…@ietf.org alias).
>>>>>>
>>>>>> Where do I need to report this bug to so it gets addressed?
>>>>>>
>>>>>> Grüße, Carsten
>>>>>>
>>>>>> ___________________________________________________________
>>>>>> Tools-discuss mailing list
>>>>>> Tools-discuss@ietf.org
>>>>>> https://www.ietf.org/mailman/listinfo/tools-discuss
>>>>>>
>>>>>> Please report datatracker.ietf.org and mailarchive.ietf.org
>>>>>> bugs at http://tools.ietf.org/tools/ietfdb
>>>>>> or send email to datatracker-project@ietf.org
>>>>>>
>>>>>> Please report tools.ietf.org bugs at
>>>>>> http://tools.ietf.org/tools/issues
>>>>>> or send email to webmaster@tools.ietf.org
>>>>> ___________________________________________________________
>>>>> Tools-discuss mailing list
>>>>> Tools-discuss@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/tools-discuss
>>>>>
>>>>> Please report datatracker.ietf.org and mailarchive.ietf.org
>>>>> bugs at http://tools.ietf.org/tools/ietfdb
>>>>> or send email to datatracker-project@ietf.org
>>>>>
>>>>> Please report tools.ietf.org bugs at
>>>>> http://tools.ietf.org/tools/issues
>>>>> or send email to webmaster@tools.ietf.org
>>>> ___________________________________________________________
>>>> Tools-discuss mailing list
>>>> Tools-discuss@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/tools-discuss
>>>>
>>>> Please report datatracker.ietf.org and mailarchive.ietf.org
>>>> bugs at http://tools.ietf.org/tools/ietfdb
>>>> or send email to datatracker-project@ietf.org
>>>>
>>>> Please report tools.ietf.org bugs at
>>>> http://tools.ietf.org/tools/issues
>>>> or send email to webmaster@tools.ietf.org
>> ___________________________________________________________
>> Tools-discuss mailing list
>> Tools-discuss@ietf.org
>> https://www.ietf.org/mailman/listinfo/tools-discuss
>>
>> Please report datatracker.ietf.org and mailarchive.ietf.org
>> bugs at http://tools.ietf.org/tools/ietfdb
>> or send email to datatracker-project@ietf.org
>>
>> Please report tools.ietf.org bugs at
>> http://tools.ietf.org/tools/issues
>> or send email to webmaster@tools.ietf.org
> ___________________________________________________________
> Tools-discuss mailing list
> Tools-discuss@ietf.org
> https://www.ietf.org/mailman/listinfo/tools-discuss
>
> Please report datatracker.ietf.org and mailarchive.ietf.org
> bugs at http://tools.ietf.org/tools/ietfdb
> or send email to datatracker-project@ietf.org
>
> Please report tools.ietf.org bugs at
> http://tools.ietf.org/tools/issues
> or send email to webmaster@tools.ietf.org

v2.23.0 | Report a Bug | By Email