On Tuesday, August 18, 2020, Dave Crocker <d...@dcrocker.net> wrote: > On 8/18/2020 12:48 PM, Todd Herr wrote: > >> The race condition here is in item 5, "Emails that fail the DMARC >> mechanism check are disposed of in accordance with the discovered DMARC >> policy of the Domain Owner", specifically when both the Sender and From >> headers are present, the domains are different, both publish DMARC >> policies, and only one of the two domains passes DMARC validation checks >> for that message. In that case, the question of "Which policy to apply?", >> or more precisely, "Which validation check should be honored?" will really >> matter to the disposition of the message; if, for example, the From domain >> is at p=reject and fails, while the Sender domain publishes a policy with >> the required "snd" tag and passes, should the message be rejected or >> accepted? >> > > > So, yeah, the text for that needs significant changes. Thanks for raising > this. > > I was under some time pressure and merely copied that from the existing > DMARC spec. In fact, I think that text in the DMARC spec isn't very good, > so this would be a nice excuse for thinking through reasonable language > carefully. > > The basic issue, which creates the language challenge, is the receivers > actually can and do do whatever they want. Language that pretends to > dictate receiver action for this is unrealistic. > > So the language should be cast in terms of the semantics of the > information it is tossing into the receiver's analysis engine, rather than > claiming to dictate receiver disposition of the message. IMO. > > d/ > > -- > Dave Crocker > Brandenburg InternetWorking > bbiw.net > > This is just wrong. While I appreciate the enthusiasm for using the Sender field, unless there is a mechanism for establishing a relationship between the From domain and the Sender domain then we have basically broken DMARC. Using what has been described above, any malicious actor can bypass the wishes of the From domain and send whatever they want. I fail to see how this would be considered a feature. It is precisely why I proposed a separate signature of the Sender field by the From domain to at least provide a way to show a relationship between the Two domains.
There currently is no race condition because Sender is not currently a part of DMARC. It appears that people want to introduce the same problem that existed in SenderID and PRA. Please don't. Michael Hammer
_______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
