Re: [dmarc-ietf] Aggregate Reporting - "Not Evaluated" result

Fri, 21 Oct 2022 01:11:50 -0700 

On Fri 21/Oct/2022 00:53:56 +0200 Douglas Foster wrote:


Aligned DKIM PASS

When an aligned DKIM result is PASS, I don't see that the domain owner needs 
any more data collection performed.   The verifiable DKIM scope ID should tell 
him where the message originated, and the source IP and HELO name tell the last 
place it landed before delivery.    I cannot see why a domain owner would spend 
a lot of time trying to analyze success results, unless his interests have 
transitioned from assuring identity to analyzing marketing impacts.   We are 
not trying to provide marketing data, and any successful use of DMARC for that 
purpose seems like an encroachment on the privacy concerns that we want to 
minimize.




Non-aligned signatures can be meaningful for various reasons.  In that case, 
the result of their evaluation is also meaningful.  For an example, the 
original author's domain signature, before From: was munged, is meaningful.  If 
it fails, it can be retried after undoing MLM transformation, possibly leading 
to secure recognition of the true author.  Is that worth its carbon footprint?



And for scope, one may wonder whether the recognized, or failed to be securely 
recognized original author's domain deserves a copy of the report.  People 
prone to set p=quarantine; pct=0 in order to avoid receiving "errors" would 
clearly dislike a copy of the report.  Others may want it, in order to tune 
their DKIM signing configuration.




Duplicates:

If an aligned domain has multiple DKIM signatures and one passes, I suggest 
that the PASS is the only one that needs to be reported.  If an aligned domain 
has multiple DKIM signatures and none pass, I suggest that the first one found 
(from the top) is the most important, because it is the last one applied.   If 
duplicates are reported, disaggregation is increased, so why report data that 
is not useful?




Currently, putting 2 signatures, one rsa and one ed25519, is the way to monitor 
who supports the latter.



Best
Ale
--








_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
























					Reply via email to