Re: [dmarc-ietf] SMTP Result Codes was -Re: Another p=reject text proposal
On Thu, Jul 13, 2023 at 3:40 AM Scott Kitterman wrote: > >Google uses 5.7.26 for the purpose (and for SPF and DKIM rejects): > > > >https://support.google.com/a/answer/3726730?sjid=16541570162287939258-NA > > > >Their use of 5.7.26 seems in keeping with IANA - Multiple authentication > >checks failed - since in order to fail DMARC, both SPF and DKIM must fail. > > > > > https://www.iana.org/assignments/smtp-enhanced-status-codes/smtp-enhanced-status-codes.xhtml > > Since there is no DMARC code, that seems like a reasonable alternative, > but I do think something more specific would be better. It's possible for > both SPF and DKIM to pass, but still fail DMARC due to alignment, so it's > not strictly true that multiple failures are required. > Someone registering a DMARC-specific code, especially if someone plans to implement it (either as a producer or a consumer, and preferably multiple implementations), would be easy to support. -MSK ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] SMTP Result Codes was -Re: Another p=reject text proposal
On July 12, 2023 1:11:37 PM UTC, Todd Herr wrote: >On Wed, Jul 12, 2023 at 7:30 AM Scott Kitterman >wrote: > >> On Wednesday, July 12, 2023 7:04:38 AM EDT Alessandro Vesely wrote: >> > On Wed 12/Jul/2023 12:54:38 +0200 Scott Kitterman wrote: >> > > On Wednesday, July 12, 2023 3:29:34 AM EDT Baptiste Carvello wrote: >> > > ... >> > > >> > >> Why? Because it's brittle and will only bring them more headaches? At >> > >> the very least, DMARC would need to use its own 5xy reply code to >> avoid >> > >> the need for parsing the reply text… >> > > >> > > This is a very good point. The IANA Simple Mail Transfer Protocol >> (SMTP) >> > > Enhanced Status Codes Registry [1] has codes for SPF and DKIM (RFC >> 7372) >> > > and ARC (RFC 8617), but not DMARC. Adding one is not currently in the >> > > DMARCbis draft, but I think it should be. >> > >> > +1; still, having the word "DMARC" in the text greatly simplifies parsing >> > logs. >> > >> > >> > I noted that Baptiste wrote 5xx, not 5.x.x. 5xx has to be 550 methinks. >> >> I agree re 550. Also, if I were writing the reject message that goes >> after >> the code, I would include DMARC in it. I suspect most will for human >> readability, but programatically, I'd use the codes if present. >> > >Google uses 5.7.26 for the purpose (and for SPF and DKIM rejects): > >https://support.google.com/a/answer/3726730?sjid=16541570162287939258-NA > >Their use of 5.7.26 seems in keeping with IANA - Multiple authentication >checks failed - since in order to fail DMARC, both SPF and DKIM must fail. > >https://www.iana.org/assignments/smtp-enhanced-status-codes/smtp-enhanced-status-codes.xhtml Since there is no DMARC code, that seems like a reasonable alternative, but I do think something more specific would be better. It's possible for both SPF and DKIM to pass, but still fail DMARC due to alignment, so it's not strictly true that multiple failures are required. Scott K ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] SMTP Result Codes was -Re: Another p=reject text proposal
On Wed, Jul 12, 2023 at 7:30 AM Scott Kitterman wrote: > On Wednesday, July 12, 2023 7:04:38 AM EDT Alessandro Vesely wrote: > > On Wed 12/Jul/2023 12:54:38 +0200 Scott Kitterman wrote: > > > On Wednesday, July 12, 2023 3:29:34 AM EDT Baptiste Carvello wrote: > > > ... > > > > > >> Why? Because it's brittle and will only bring them more headaches? At > > >> the very least, DMARC would need to use its own 5xy reply code to > avoid > > >> the need for parsing the reply text… > > > > > > This is a very good point. The IANA Simple Mail Transfer Protocol > (SMTP) > > > Enhanced Status Codes Registry [1] has codes for SPF and DKIM (RFC > 7372) > > > and ARC (RFC 8617), but not DMARC. Adding one is not currently in the > > > DMARCbis draft, but I think it should be. > > > > +1; still, having the word "DMARC" in the text greatly simplifies parsing > > logs. > > > > > > I noted that Baptiste wrote 5xx, not 5.x.x. 5xx has to be 550 methinks. > > I agree re 550. Also, if I were writing the reject message that goes > after > the code, I would include DMARC in it. I suspect most will for human > readability, but programatically, I'd use the codes if present. > Google uses 5.7.26 for the purpose (and for SPF and DKIM rejects): https://support.google.com/a/answer/3726730?sjid=16541570162287939258-NA Their use of 5.7.26 seems in keeping with IANA - Multiple authentication checks failed - since in order to fail DMARC, both SPF and DKIM must fail. https://www.iana.org/assignments/smtp-enhanced-status-codes/smtp-enhanced-status-codes.xhtml -- *Todd Herr * | Technical Director, Standards & Ecosystem *e:* todd.h...@valimail.com *p:* 703-220-4153 *m:* 703.220.4153 This email and all data transmitted with it contains confidential and/or proprietary information intended solely for the use of individual(s) authorized to receive it. If you are not an intended and authorized recipient you are hereby notified of any use, disclosure, copying or distribution of the information included in this transmission is prohibited and may be unlawful. Please immediately notify the sender by replying to this email and then delete it from your system. ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] SMTP Result Codes was -Re: Another p=reject text proposal
On Wednesday, July 12, 2023 7:04:38 AM EDT Alessandro Vesely wrote: > On Wed 12/Jul/2023 12:54:38 +0200 Scott Kitterman wrote: > > On Wednesday, July 12, 2023 3:29:34 AM EDT Baptiste Carvello wrote: > > ... > > > >> Why? Because it's brittle and will only bring them more headaches? At > >> the very least, DMARC would need to use its own 5xy reply code to avoid > >> the need for parsing the reply text… > > > > This is a very good point. The IANA Simple Mail Transfer Protocol (SMTP) > > Enhanced Status Codes Registry [1] has codes for SPF and DKIM (RFC 7372) > > and ARC (RFC 8617), but not DMARC. Adding one is not currently in the > > DMARCbis draft, but I think it should be. > > +1; still, having the word "DMARC" in the text greatly simplifies parsing > logs. > > > I noted that Baptiste wrote 5xx, not 5.x.x. 5xx has to be 550 methinks. I agree re 550. Also, if I were writing the reject message that goes after the code, I would include DMARC in it. I suspect most will for human readability, but programatically, I'd use the codes if present. Scott K ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
Re: [dmarc-ietf] SMTP Result Codes was -Re: Another p=reject text proposal
On Wed 12/Jul/2023 12:54:38 +0200 Scott Kitterman wrote: On Wednesday, July 12, 2023 3:29:34 AM EDT Baptiste Carvello wrote: ... Why? Because it's brittle and will only bring them more headaches? At the very least, DMARC would need to use its own 5xy reply code to avoid the need for parsing the reply text… This is a very good point. The IANA Simple Mail Transfer Protocol (SMTP) Enhanced Status Codes Registry [1] has codes for SPF and DKIM (RFC 7372) and ARC (RFC 8617), but not DMARC. Adding one is not currently in the DMARCbis draft, but I think it should be. +1; still, having the word "DMARC" in the text greatly simplifies parsing logs. I noted that Baptiste wrote 5xx, not 5.x.x. 5xx has to be 550 methinks. Best Ale -- ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
[dmarc-ietf] SMTP Result Codes was -Re: Another p=reject text proposal
On Wednesday, July 12, 2023 3:29:34 AM EDT Baptiste Carvello wrote: ... > Why? Because it's brittle and will only bring them more headaches? At > the very least, DMARC would need to use its own 5xy reply code to avoid > the need for parsing the reply text… ... This is a very good point. The IANA Simple Mail Transfer Protocol (SMTP) Enhanced Status Codes Registry [1] has codes for SPF and DKIM (RFC 7372) and ARC (RFC 8617), but not DMARC. Adding one is not currently in the DMARCbis draft, but I think it should be. Scott K [1] https://www.iana.org/assignments/smtp-enhanced-status-codes/smtp-enhanced-status-codes.xhtml ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
